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Boeing  sets  example  All  eyes  are  on  the  airplane 

maker's  single  sign-on  project  with  Southwest  Airlines.  PAGE  12. 


Who’s  to  blame?  Two  experts  debate  whether  users 
or  vendors  are  responsible  for  CRM  failures.  PAGE  29. 
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Review: 

Access  routers 
put  to  the  test 


Counting  the  cost  of 
access  control 

Performance  testing  of  six 
enterprise  access  routers 
quantifies  the  cost  of  setting 
filters  on  these  devices. 

Page  35 

Filtering  dos  and  donts 

Tips  on  applying  router  filters 
in  an  enterprise  network. 

Page  36 
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An  outline  of  how  the  products 
tested  are  compared  in  terms 
of  interface,  management, 
failover  redundancy  and  options. 


Bit  by  bit, 
64-bit 
processors 
catching  on 

■  BY  JENNIFER  MEARS 

At  Fortis  Health,  servers  pow¬ 
ered  by  64-bit  Intel  processors 
are  used  to  run  business  analyt¬ 
ics  on  —  a  capability  the  health 
insurer  says  will  help  keep  it  one 
step  ahead  of  the  competition. 
But  Roger  Jones, senior  vice  pres¬ 
ident  and  CIO  at  the  Milwaukee 
firm,  isn’t  looking  at  Itanium 
through  rose-colored  glasses. 

Like  many  users,  Jones  says  he 
sees  the  benefits  of  the  stepped- 
up  processing  power  and  ex¬ 
panded  memory  capabilities  of 
64-bit  Intel  processors,  but  he 
also  sees  a  technology  that  is  still 
in  its  infancy 

“If  we’re  trying  to  collect  data  to 
understand  how  to  better  deliver 

See  64-bit,  page  57 


EMC  move  fuels 
storage  shakeout 


■  BY  DENI  CONNOR 

A  steadily  consolidating  storage  market  veered 
into  the  fast  lane  last  week  with  EMC’s  $1.3  billion 
purchase  of  Legato  Systems.  And  experts  see  noth¬ 
ing  but  open  road  ahead  for  more  mergers  and 
acquisitions. 

The  storage  industry  has  witnessed  about  125 
deals  since  2001 ,  with  26  having  been  consummated 
this  year.  EMC  has  been  on  a  spree  over  that  span, 
having  acquired  10  software  companies  —  includ¬ 
ing  Astrum, FileFbol,  Prisa  and  Terascape  —  as  part  of 
a  strategy  to  boost  software  revenue  from  23%  to  30% 
of  the  company’s  total  take.  Meanwhile,  more  than  50 
storage  companies  have  declared  bankruptcy  or 
folded  since  2001. 

The  bottom  line  for  customers  is  that  there  are 
advantages  and  disadvantages  in  consolidation. 

“Consolidation  lets  users  buy  integrated  products 
from  a  single  vendor  rather  than  point  products 


A  big  deal 

EMC’s  $1.3  billion  acquisition  of 
Legato  isthe  storage  industry’s 
largest  since  Veritas  and  Silver 
Lake  bought  Seagate  for  $20  billion 
three  years  ago. 


from  a  variety  of  vendors,”  says  Anders  Lofgren, 
senior  analyst  for  Forrester  Research. 

The  downside  is  that  customers  might  lose  bar¬ 
gaining  power. 

“Even  though  customers  will  get  better  service  and 
integration  as  consolidation  happens, because  there 
are  fewer  players,  there  is  less  price  stability”  says 
Brian  Babineau.an  analyst  with  Enterprise  Storage 

See  EMC,  page  14 


Starbucks  gets  win-win  from  Wi-Fi 


■  BY  TIM  GREENE 

Customers  of  coffee-shop  giant 
Starbucks  who  browse  the  Inter¬ 
net  from  in-store  wireless  hot 


spots  might  be  surprised  to  learn 
that  the  same  802.11b  network 
was  conceived  as  a  way  to  run  the 
retailer’s  business  more  efficiently. 

Starting  with  its  first  Wi-Fi  hot¬ 


spot  trial  in  the  fall  of  2001,  Star- 
bucks  has  piggybacked  its  corpo¬ 
rate  VPN  on  the  network  to  access 
applications  and  databases  that 
streamline  hiring,  sales,  inventory 
and  a  host  of  other  business  tasks, 
says  James  Snook,  Starbucks’  vice 
president  of  IT. 

Today  this  double-duty  network, 
which  operates  over  Cisco  wire¬ 
less  access  points  and  T-l  Internet 
connections,  serves  more  than 
2,300  Starbucks  stores  in  North 
America,  with  a  goal  of  2,500  by 
year-end.  In  the  future,  the  stores 
could  run  videostreams  for  train¬ 


ing  and  voice  over  IP  to  cut  down 
store-to-headquarters  phone 
costs,  Snook  says. 

The  company  is  out  in  front  of 
other  retail  stores  such  as  Borders 
bookstores  —  which,  like  Star- 
bucks,  has  teamed  with  T-Mobile 
to  provide  its  customers  with  Wi¬ 
Fi  Internet  access  —  and  McDon¬ 
ald’s,  which  kicked  off  hot-spot  tri¬ 
als  last  week  at  its  San  Francisco 
stores.  McDonald’s  has  partnered 
with  Wayport  to  provide  its  ser¬ 
vice.  So  far,  T-Mobile  has  about 
2,600  hot  spots,  the  bulk  of  them 
See  Starbucks,  page  56 


More  Wi-Fi  news 
inside: 

•AT&T,  MCI  air  Wi-Fi 
access  plans.  Page  in. 

•  Proxim  struggling  to 
cash  in  on  wireless  L Ai 
boom.  Page  III. 
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The  human  body  is  amazingly  efficient.  So  is  an  IBM  eServer 
xSeries®  system  running  Linux*'  Powered  by  Intel® Xeon™ 
processors,  xSeries  servers  for  Linux  can  have  low  start-up 
costs.  Low  admin  costs.  Low  overall  costs.  Helping  you  to 
improve  your  business  efficiency.  For  an  IDC  white  paper  on 
Linux  and  Intel  processor-based  servers,  go  to  the  URL  below. 

eServer:  servers  for  on  demand  business. 

Can  yOU  see  it?  See  it  at  ibm.com/eserver/efficiency 


IBM  eServer  xSeries  for  Linux 

•  Tower,  racks,  blades 

•  1-way  to  8-way 

•  Built-in  self-managing  capabilities 
•3,500  xSeries  Linux-enabled 

applications 
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Don  t  let  Internet  detractions 

< 

undermine  office  productivity. 

WWW 

Whether  it’s  shopping,  gambling,  travel  or  trading, 
cyberslacking  is  a  real  corporate  conundrum.  Put 
productivity  back  on  track  with  Websense  Enterprise 
software.  Implement  time  quotas  for  personal  surfing. 
Limit  use  of  bandwidth-intensive  applications  like 
peer-to-peer  and  streaming  media.  And  block  access  to 
inappropriate  sites.  With  Websense  Reporter,  Explorer 
and  Real-Time  Analyzer  you  have  up-to-the-minute 
access  to  Internet  usage  information  and  network 
performance.  And  Websense  Enterprise  offers  the 
benefit  of  easy  installation  and  seamless  integration 
with  the  leading  firewalls,  proxy  servers,  routers, 
network  switches  and  caching  appliances.  No  wonder 
the  Fortune  500  wasted  no  time  making  Websense  the 
preferred  solution  for  keeping  employee  online  activity 
on  task.  Visit  www.websense.com  today  for  more 
information  or  to  download  a  free  30-day  trial. 


EMPLOYEE  INTERNET  MANAGEMENT 
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■  9  Wal-Mart  shelves  one  part  of  RFID  test  plan. 

■  9  BellSouth  lowers  DSL  prices. 

■  10  Proxim  struggles  in  wireless  LAN  market. 

■  10  NetScout  ties  network  management  to  apps  performance. 

■  10  AT&T,  MCI  firm  up  Wi-Fi  plans. 

■  12  Boeing  lets  single  sign-on  project  fly. 

■  12  Zultys  releases  IP  PBX  for  smaller  shops. 


Features 

Access  routers  put  to  the  test 

Counting  the  cost  of  access  control 

Performance  testing  of  six  enterprise  access  routers  quantifies  the  cost  of  setting 
filters  on  these  devices.  Page  35. 

Filtering  dos  and  don'ts 

Tips  on  applying  router  filters  in  an  enterprise  network.  Page  36. 


Infrastructure 

■  15  Deutsche  Bank  gives  remote 
users  a  choice. 

■  15  Netgear  releases  managed 
Layer  3  box. 

■  16  Neoteris  launches  conferenc¬ 
ing  appliance. 

■  16  Dave  Kearns: 

Microsoft:  The  company  that  even 
gorillas  listen  to. 

Enterprise 

Applications 

■  19  IBM,  Microsoft  debut  Web 
specifications. 

■  19  NetScreen  among  vendors 
adding  IPv6  to  firewalls. 

■  20  Polycom  strengthens  video- 
conference  features. 

■  20  Scott  Bradner:  I  don't 
want  you  to  be  me. 

Service  Providers 

■  23  Equant  unveils  managed 
intrusion-detection  system  offering. 

■  23  GoBeam  offers  flat-rate  IP 
voice  plan. 

■  24  Special  Focus:  How  to 

get  more  out  of  frame  relay  with 
management  tools. 

■  26  Johna  Till  Johnson: 

Need  IP  telephony  talent? ...  Try  a 
service  provider. 


Technology  Update 

■  27  Fibre  Channel  over  IP 
bridges  Fibre  Channel  SANs. 

■  27  Steve  Blass:  Ask  Dr. 

Internet. 

■  28  Mark  Gibbs:  Wrapping 
up  the  wireless  LAN. 

■  28  Keith  Shaw:  Toolless 
desktop,  swivelicious  monitor. 

Opinions 

■  29  Face-Off:  Who's  to  blame 
for  CRM  failures  —  buyers  or 
vendors? 

■  32  Editorial:  Reserving 
judgment  on  IDS  death. 

■  33  Steven  Taylor:  Return 
training  to  the  budget. 

■  33  Daniel  Briere:  Needed: 

A  return  to  simplicity. 

■  58  BackSpin:  Past  the  event 
horizon. 

■  58  'Net  Buzz:  What  the  heck 
is  Infone  and  why  should  we  trust 
Jesse  and  James? 

Management 

Strategies 

■  43  Wrangling  wireless  costs: 
Negotiate  a  corporate  contract  and 
stay  on  top  of  usage  to  keep 
employees'  cell  phone  bills  low. 


IBM's  ThinkCentre 
S50  is  less  than  half 
the  size  of  a  typical 
desktop. 

Page  28. 


Featured  players 

An  outline  of  how  the  products  compare  in  terms  of  interface,  management,  failover 
redundancy  and  options.  Page  40. 
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Interactive 

Router  Buyer's  Guide 

Our  newest  Buyer's  Guide  offers  detailed  vendor  specs  on  54  enterprise 
routers  —  and  lets  you  compare  them  on  a  variety  of  criteria. 

DocFinder.  6744 

Identity  management 

Want  to  get  up  to  speed  on  identity  management?  Our  Identity 
Management  Research  Center  offers  links  to  in-depth  background 
information  and  the  latest  news  and  analysis.  An  RSS  feed  is  available. 

DocFinder:  6745 

Extend  the  power  of  Fusion 

Fusion  Look  Up  lets  you  highlight  a  word  or  phrase  on  pretty  much  any 
Web  page  anywhere  and  get  background  information  from  our  search 
engine.  Installation  takes,  at  most,  30  seconds. 

DocFinder:  6746 

Seminars  and  events 


The  New  Data  Center  Powering  the  Enterprise 

The  new  data  center  is  the  new  driving  force  of  the  enterprise,  rising 
to  take  command  and  control  through  consolidation  and  virtualization, 
automation  and  efficiency,  If  your  data  center  isn't  fully  metered,  fully 
accountable  and  fully  effective,  don't  miss  this  Network  World  Tech¬ 
nology  Tour  event.  The  event  is  free  to  qualified  professionals  only. 
DocFinder:  6646 
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Columnists 


Compendium 

The  week's  most  brilliant  software 
Fusion  Executive  Editor  Adam  Gaffin  stumbles  across  NaDa 
— -  a  1-byte  piece  of  software  that  does,  well,  nothing.  But 
it's  cross-platform.  DocFinder:  6747 

Wireless  Wizards 

Adding  802. 11g  to  the  WLAN 

The  Wizards  explain  how  to  consider  the  standard  as  you  put 
together  your  wireless  network  plans.  DocFinder:  6748 

Help  Desk 

Multiple  servers,  one  logon? 

Columnist  Ron  Nutter  helps  a  user  who  wants  to  simplify 
logons  for  a  network  with  servers  running  a  variety  of 
operating  systems.  DocFinder:  6749 

Telework  Beat 

Net.Worker  Managing  Editor  Toni  Kistner  discusses  100M 
bit/sec  802.11n.  DocFinder:  6750 

Breaking  News 

Come  online  for  exclusive  breaking  news  every  day. 

DocFinder:  6342 

Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  free  e-mail  newsletters  on 
key  network  topics.  DocFinder:  6343 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 


NetworkWorld 


7/14/03 


www.nwfusion.com  | 


Judge  says  3Com  can  back  Huawei 

■  A  judge  ruled  last  week  that  3Com  can  participate  in  a  lawsuit 
filed  by  Cisco  against  Huawei  Technologies.  3Com  can  assist 
Huawei  in  future  court  proceedings,  the  judge  said.  Cisco  is  suing 
Huawei  for  copyright  and  patent  infringements.  3Com’s  stake 
comes  from  the  joint  venture  it  formed  with  Huawei  in  March, 
through  which  3Com  will  resell  Huawei-based  enterprise  network 
gear.  In  January  Cisco  sued  Huawei,  a  China  maker  of  WAN  routers 
and  LAN  switches,  for  patent  and  copyright  infringement.  Cisco 
alleges  that  Huawei  hijacked  its  IOS  software  and  copied  text  from 
Cisco  training  manuals.  A  Texas  court  last  month  issued  an  injunc¬ 
tion  against  Huawei  to  stop  using  Cisco  software  and  training  mate¬ 
rials,  but  Huawei  said  it  had  already  removed  any  offending  lines  of 
code  or  text.  Cisco  said  it  did  not  object  to  3Com’s  participation. 

Cisco  patches  CatOS  flaw 

■  A  flaw  in  Cisco’s  CatOS,  which  runs  on  Cisco  Catalyst  switches,  could  freeze  TCP-based 
management  services  on  the  switch.  A  fix  is  available  from  Ciscos  Web  site. The  vulnera¬ 
bility  could  let  an  attacker  disable  some  management  interfaces  to  a  Catalyst  switch. The 
flaw  cannot  be  exploited  to  affect  basic  packet  switching,  according  to  the  BugTraq  secu¬ 
rity  alert  mailing  list.  Upon  receiving  eight  non-standard  TCP  flags  (a  series  of  send/receive 
messages  involved  in  a  standard  TCP  handshake),  a  Catalyst  switch  running  CatOS  will 
stop  responding  to  TCP  requests.  This  will  disable  TCP  services  on  the  box  until  it  is 
rebooted.  Catalyst  4000,5000  and  6000  switches  are  affected  by  the  CatOS  flaw.  Cisco  and 
BugTraq  say  that  only  Catalyst  chassis  running  CatOS,  and  not  IOS  software,  are  affected. 

Wi  Fi  Alliance  approves  802.1 1g  products 

■  The  Wi-R  Alliance,  following  successful  interoperability  testing,  has  approved  the  first 
batch  of  products  based  on  the  new  802.1  lg  wireless  Internet  standard. This  is  the  fourth 
Wi-R  product  certification  developed  by  the  alliance  since  it  began  its  interoperability¬ 
testing  program  in  March  2000,  the  Alliance  says.  Nearly  800  products  received  Wi-R  certi¬ 
fication. The  new  802.1  lg  standard  lays  out  the  ground  rules  for  wireless  LAN  gear  capa¬ 
ble  of  24M  to  51M  bit/sec,  while  remaining  backward-compatible  with  existing  802.11b 
gear  that  runs  at  a  maximum  1 1M  bit/sec.  Both  use  radio  spectrum  in  the  2.4-GHz  radio 
band.  Another  standard, 802.1  la,  defines  54M  bit/sec  gear  in  the  5-GHz  range. 

Ellison  sees  Oracle  buying  ‘almost  anything' 

■  Oracle  executives  last  week  repeated  that  more  takeovers  could  follow  the  company’s 
bid  for  FVopleSoft.“We’d  be  interested  in  buying  almost  anything,”  Oracle  Chairman  and 
CEO  Larry  Ellison  said  at  a  meeting  with  financial  analysts  at  his  company’s  Redwood 

COMPENDIUM 

Platforms,  shmatforms 

Joshua  Allen,  who  helps  build  applications,  writes  that  programmers  sometimes  lose 
sight  of  the  people  who  actually  use  their  software:  “We  in  the  software  industry  are 
waaay  too  guilty  of  this  self-indulgence  where  we  think  that  the  world  cares  about  our 
politics,  platforms  and  gratuitous  layers  of  abstraction.”  Read  his  entire  essay  at: 
www.nuyfusion.com,  DocFinder:  6761. 


■  hi  Good  he  Bad  ie  Ugly 


At  last,  the  bleeding  stops. 

That's  the  headline  Goldman  Sachs 
used  on  its  latest  IT  spending 
survey,  which  found  that  100  IT 
executives  interviewed  in  June  expect 
spending  for  this  year  to  be  about 
the  same  as  last  year.  That's  a  shift 
from  the  last  survey,  conducted  in 
April,  when  IT  executives  said  spending 
would  be  down  3%  from  last  year. 


Cdl  phoniCS?  A  new  survey 
reveals  that  86%  of  wireless  phone 
subscribers  claim  to  rarely  or  never 
partake  in  rude  cell  phone  use. 

However,  half  of  the  1,175 
wireless  subscribers  interviewed 
by  Harris  Interactive  on  behalf  of 
AT&T  Wireless  said  they  think  Americans 
are  generally  discourteous  when  using  cell  phones 
in  public.  Hmmm,  that  just  doesn't  add  up,  does  it?  > 


BRIAN  GAIDRY 


Payback  time.  A  U.S.  district  court  judge  last  week  approved  a  deal 
under  which  victims  of  MCI  fraud  could  split  $250  million  in  shares  and  $500 
million  in  cash  in  a  settlement  of  a  civil  action  brought  by  the  Securities  and 
Exchange  Commission.  In  his  ruling,  Judge  Jed  Rakoff  noted  that  the  penalty 
to  be  paid  by  MCI,  still  legally  known  as  WorldCom,  would  be  75  times  greater 
than  any  previous  such  penalty.  Of  course,  to  some  of  those  harmed,  even  that's 
not  punishment  enough. 


Shores,  Calif.,  headquarters.That  is  if  the  price  is  right,  and  “almost  anything”  has  its  exclu¬ 
sions,  Ellison  said.  Oracle  won’t  buy  Ariba  or  CommerceOne,  vendors  of  online  market¬ 
places.  Also,  Oracle  looked  at  buying  Legato  Systems,  but  didn’t  because  it  felt  it  couldn’t 
win  from  Veritas  in  storage  management  software,  he  said.  EMC  last  week  announced  a 
deal  to  buy  Legato  in  a  stock  transaction  valued  at  $1.3  billion.  On  the  database  side, 
Oracle  is  interested  in  technologies  that  will  help  users  reduce  cost  and  fit  with  its  strate¬ 
gy  of  getting  more  information  into  a  database,  while  on  the  applications  side  Oracle 
wants  to  move  further  into  verticals  such  as  healthcare  and  retail,  executives  said. 

Sprint  touts  advance  using  FGIP 

■  Sprint  along  with  Hitachi  Data  Systems  and  Cisco  last  week  demonstrated  a  storage- 
area  network  that  replicates  data  for  disaster-recovery  purposes  over  distances  greater 
than  previously  possible.  The  network,  which  uses  the  recently  adopted  Rbre  Channel 
over  IP  standard  (see  related  story, page  27), connects  two  SANs  located  1,800  miles  apart 
in  Overland  Park,  Kan.,  and  Burlingame,  Calif. Sprint  says  that  previously  FCIP  could  span 
only  45  miles.  FCIP  which  encapsulates  Rbre  Channel  data  in  IP  packets  for  transport, 
allows  for  a  greater  number  of  less-expensive  connections  than  the  dense  wavelength  divi¬ 
sion  multiplexing  lines  traditionally  used  for  long-haul  communications. Sprint’s  pilot  net¬ 
work  connected  Hitachi  Freedom  Storage  Lighting  9900  V  Series  systems  using  private 
Sprint  circuits  and  Cisco  MDS  9000  Rbre  Channel  switches. 

Sun  inks  Unix  license  with  SCO 

■  Microsoft  and  Sun  finally  have  something  in  common:  Both  have  signed  Unix  licensing 
agreements  with  The  SCO  Group  in  the  last  year. The  licensing  agreements,  which  cover 
source  code  and  patents  contained  in  SCO’s  Unix  operating  system,  will  net  SCO  a  total 
of  $13.25  million  in  2003,  according  to  documents  filed  by  SCO  with  the  Securities  and 
Exchange  Commission  last  week. Sun’s  license  is  one  of  several  it  has  signed  with  various 
owners  of  Unix  System  V  source  code, of  which  SCO  is  the  latest, says  John  Loiacono.vice 
president  of  Sun’s  Operating  Platforms  group.  Microsoft  announced  a  similar  deal  with 
SCO  in  May  —  a  move  that  some  industry  observers  interpreted  as  supporting  SCO’s  ongo¬ 
ing  breach  of  contract  lawsuit  with  IBM.  Sun’s  agreement  can  be  seen  in  a  similar  light, 
according  Harry  Fenik.the  president  of  industry  consulting  firm  The  Sageza  Group. 
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Wal-Mart  shelves  RFID  test  plan 


■  BY  JOHN  COX 

Wal-Mart  has  decided  against 
testing  a  wireless  inventory  con¬ 
trol  system  on  shelves  at  a  subur¬ 
ban  Boston  store.  It’s  a  move 
some  privacy  advocates  are  hail¬ 
ing  as  a  victory,  but  one  the  re¬ 
tailer  calls  unrelated  to  concerns 
about  possible  misuse  of  radio 
frequency  identification  chips. 

Spokesmen  for  Wal-Mart  and 
Gillette,  which  had  been  Wal- 
Mart’s  partner  in  the  project,  say 
the  decision  simply  reflects  a 
change  in  business  priorities,  with 
Wal-Mart  now  focused  on  deploy¬ 
ing  RFID  in  its  sprawling  distribu¬ 
tion  centers  to  track  pallets  and 
cases  of  goods. 


■  BY  DENISE  PAPPALARDO 

BellSouth  last  week  became 
the  latest  local  exchange  carrier 
to  drop  its  DSL  service  rates  in  an 
effort  to  convert  more  dial-up 
and  cable  modem  Internet  ac¬ 
cess  users. 

The  carrier’s  new  DSL  Lite, 
priced  at  $35  per  month,  offers 
transmission  speeds  of  256K 
bit/sec  downstream  and  128K 
bit/sec  upstream. That’s  a  lower- 
speed  but  also  lower-priced 
broadband  offering  than  the 
company’s  original  FastAccess 
DSL  service,  which  costs  $45  per 
month  for  transmission  speeds 
of  1.5M  bit/sec  downstream  and 
256K  bit/sec  upstream. 

Last  month  SBC  lowered  the 
price  of  its  DSL  service  by  14% 
(www.nwfusion.com,  DocFinder: 
6755)  on  the  heels  of  Verizon, 
which  slashed  its  DSL  rates  in 
May  by  30%  (DocFinder  6756). 

The  LECs  are  not  so  much  try¬ 
ing  to  compete  with  each  other 
on  price,  but  rather  are  attempt¬ 
ing  to  win  over  customers  who 
were  thinking  of  going  with 
cable  modem  service,  says  Jason 
Knowles,  an  analyst  at  Current 
Analysis. 

Cable  service  costs  more 

Cable  modem  Internet  access 
service  generally  is  priced  higher. 
Comcast,  for  example,  charges 
$43  per  month  for  transmission 
speeds  of  256K  bit/sec  upstream 
and  up  to  2M  bit/sec  down¬ 
stream.  Time  Warner  Cable 
charges  $45  per  month  for  trans¬ 
mission  speeds  of  356K  bit/sec 


“We  never  started  a  trial  there 
[in  the  Brockton,  Mass.,  store],” 
says  Tom  Williams,  a  Wal-Mart 
spokesman.  “They  brought  some 
hardware  in  for  the  shelf.  And 
then  removed  it.That  would  have 
been  in  late  May’ 

Gillette  spokesman  Paul  Fox 
says  the  consumer  products 
maker  never  sent  Wal-Mart  any 
individual  items,  such  as  razors, 
outfitted  with  RFID  tags,  which 
combine  the  wireless  chip,  pro¬ 
grammed  with  a  unique  number, 
and  a  small  flexible  antenna. 

The  chip  is  activated  only  when 
an  RFID  reader  scans  it.  When  the 
chip  wakes  up,  it  sends  the 
unique  identifier  number,  which 
the  reader  passes  along  to  appli¬ 


upstream  and  up  to  2M  bit/sec 
downstream. 

BellSouth’s  price  move  is  also 
an  effort  to  migrate  some  of  the 
carriers  approximately  700,000 
dial-up  Internet  access  cus¬ 
tomers  to  broadband. 

“The  service  is  an  idea  born  out 
of  market  research  where  cus¬ 
tomers  told  us  they  wanted  faster 
service,  but  they  didn’t  need  the 
higher-speed  DSL,”  says  Michael 
Bowling,  vice  president  of  broad¬ 
band  marketing  at  BellSouth. 

While  BellSouth’s  offering 
might  not  appear  as  compelling 
next  to  SBC  and  Verizon,  which 
offer  higher-speed  DSL  services 
at  a  lower  rate  (see  graphic, 
above),  BellSouth  has  been  able 
to  migrate  more  of  its  customers 
to  DSL  than  its  competitors. This 
might  be  one  reason  why  it  did 
not  cut  the  price  of  its  Fast- 
Access  offer. 

According  to  Merrill  Lynch  re¬ 
search,  BellSouth  has  1 . 1  million 
DSL  subscribers  over  24.5  mil¬ 
lion  access  lines.  That’s  a  DSL 
customer  penetration  rate  of 


cations  such  as  inventory  control 
and  shipping.  The  RFID  readers 
can  be  big  enough  for  forklifts  to 
pass  through  or  small  enough  to 
fit  on  retail  shelves. 

These  so-called  smart  shelves 
can  read  the  RFID  tag  when  an 
individual  item  is  placed  on  the 
shelf  and  when  it’s  removed.  The 
shelf,  in  effect,  can  count  the 
items  left  on  it  and  alert  inventory 
systems  when  the  number  falls 
below  a  threshold. 

It’s  this  particularity,  among 
other  things,  that  outrages  some 
consumer  privacy  activists,  who 
argue  that  RFID  tags  can  send  out 
radio  waves  that  identify  not  only 
the  item  but  where  and  with 
whom  the  item  is  going.  The  fol¬ 


4.6%.  Although  SBC  and  Verizon 
have  more  customers  —  2.5  mil¬ 
lion  and  1.8  million,  respectively 
—  each  has  a  lower  customer 
penetration  rate.  SBC  has  56.7 
million  access  lines,  and  Verizon 
has  57.5  million  access  lines, 
with  customer  penetration  rates 
of  4.4%  and  3.2%,  respectively, 
according  to  Merrill  Lynch. 

While  these  DSL  services  from 
BellSouth,  SBC  and  Verizon  are 
aimed  at  residential  customers,  a 
large  number  of  customers  use 
these  services  occasionally  or 
regularly  to  access  their  corpo¬ 
rate  networks  from  home. 

These  users  should  check  their 
service  rates.  Network  managers 
who  let  employees  get  their  own 
broadband  access  and  then  ex¬ 
pense  those  charges  to  the  com¬ 
pany  might  want  to  recommend 
that  employees  review  their  ser¬ 
vice  charges  —  especially  if  the 
company  is  footing  the  bill. 

If  employees  are  paying  $50 
per  month  for  residential  DSL 
today,  then  they  likely  are  paying 
too  much.  ■ 


lowing  warning  is  listed  on  the 
RFID  page  (www.epic.org/privacy 
/rfid/)  of  the  Electronic  Privacy 
Information  Center, a  Washington, 
D.C.,  public  interest  research 
group:  “RFID  systems  enable 
tagged  objects  to  speak  to  elec¬ 
tronic  readers  over  the  course  of 
a  product’s  lifetime  —  from  pro¬ 
duction  to  disposal  —  providing 
retailers  with  an  unblinking, 
voyeuristic  view  of  consumer  atti¬ 
tudes  and  purchase  behavior’’ 

A  plan  earlier  this  year  by  Italian 
apparel  maker  Benetton  to  add 
RFID  tags  to  its  clothing  items 
sparked  an  Internet-energized 
boycott.  The  company  in  April 
issued  a  statement  that  none  of  its 
garments  currently  carry  RFID 
tags  and  that  it  was  continuing  to 
evaluate  the  technology 

So,  it  seems,  is  almost  everyone 
who’s  anyone  in  retail. 

Wal-Mart  affirmed  its  RFID  com¬ 
mitment  last  month  when  CIO 
Linda  Dillman  outlined  plans  to 
introduce  the  tags  on  freight  pal¬ 
lets  and  cases  by  2005.The  retailer 
is  working  with  its  top  100  suppli¬ 
ers  on  the  plan  (see  www.nwfu 
sion.com,  DocFinder:  6754). 

Italian  designer  Prada  has  had 
since  December  2001  an  exten¬ 
sive  RFID  system  at  its  super¬ 
trendy  Prada  Epicenter  store  in 
Manhattan’s  Soho  district.  A  shop¬ 
per  can  take  a  suit  into  the  high- 
tech  dressing  rooms,  which  are 
made  of  clear  glass  that  turns 
opaque  when  you  step  on  a  black 
button  on  the  floor.  An  RFID  scan¬ 
ner  in  the  room  reads  the  tag  and 
displays  information  about  the 
suit  and  accessories  on  a  touch¬ 
screen  liquid  crystal  display 

Gillette  two  weeks  ago 
launched  an  RFID  trial  at  its 
Devens,  Mass.,  packing  and  distri¬ 
bution  center. 

The  goal,  Gillette  spokesman 
Fox  says,  is  to  see  how  accurately 
the  company  can  identify  and 
track  cases  of  razors  and  other 
items  as  they  arrive  at  the  center, 
are  packaged  individually  for  re¬ 
tail  displays,  stored  in  inventory 
and  then  selected  for  shipment  to 
Wal-Mart  or  Costco.  Gillette  con¬ 
tinues  working  with  two  overseas 
smart-shelf  trials,  one  by  Tesco,  a 
British  grocery  chain,  and  one  by 
Metro  AG,  one  of  Germany’s 
biggest  retailers.  ■ 
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BellSouth  lowers  DSL  pricing 

Broadband  bargains? 

The  days  of  $50-per-month  broadband  service  may  be  over 
as  DSL  rates  fall. 


LEG 

Service 

Upstream 

speed 

Downstream 

speed 

Monthly 

rate 

BellSouth 

DSL  Lite 

128K  bit/sec 

256K  bit/sec 

$35 

Qwest 

MSN  Broadband 

256K  bit/sec 

256K  bit/sec 

$40 

SBC 

SBCYahoo!  DSL 

128K  bit/sec 

356K  bit/sec 

$30* 

Verizon 

Verizon  Online 
DSL 

128K  bit/sec 

1.5M  bit/sec 

$35 

‘For  a  one-year  contract.  Service  is  $40  per  month  without  an  annual  contract. 
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Proxim  struggles  continue 
despite  WLAN  popularity 


What’s  wrong  with  this  picture? 


While  most  wireless  LAN  market  numbers  have  been  on 
the  rise  . . . 


Q4  2002 

Q1  2003 

Access  point  shipments 

1.5M 

1.8M 

WLAN  global  hardware  revenue 
(Infonetics  Research) 

$455M 

$482M 

2001 

2002 

WLAN  hot-spot  locations 
(Gartner) 

1,214 

14,752 

. . .  Proxim  has  been  unable  to  take  advantage. 

Quarter  ending  6/28/02 

9/27/02 

12/31/02 

3/28/03 

Revenue  $45.2M 

$24.1  M 

$50M 

$40  M 

Net  loss  $6.7M 

$31 .9M 

$142.7M 

$9.3M 

NetScout  looks  to  tie 
management  data 


■  BY  JOHN  COX 

If  wireless  is  such  a  hot  market, 
why  can’t  Proxim  make  any 
money? 

That’s  the  question  on  the 
minds  of  customers  and  industry 
watchers  who  have  seen  the  com¬ 
pany  pile  up  more  than  $190  mil¬ 
lion  in  losses  during  the  past  four 
quarters  even  as  industrywide 
shipments  and  revenue  from 
wireless  products  steadily  rise. 

Last  week,  when  Proxim  warned 
that  it  would  lose  more  money 
than  expected  in  the  quarter  that 
just  ended,  it  also  announced  the 
resignations  of  Chairman  Jon¬ 
athan  Zakin  and  Vice  Chairman 
David  King.  The  two  board  mem¬ 
bers  were  most  closely  identified 
with  Proxim’s  business  strategy 
for  the  past  two  years. 

It’s  not  clear  whether  they  were 
urged,  or  forced,  out  by  investor 
and  stockholder  Warburg  Pincus, 
the  New  York  investment  compa¬ 
ny  that,  according  to  one  report, 
holds  more  than  80%  of  Proxim’s 
not-very-valuable  stock,  according 
to  one  report.  Proxim  CFO  Keith 
Glover  did  not  return  a  phone  call 
requesting  clarification  of  War¬ 
burg’s  stock  ownership. 

Proxim  CEO  and  President 
Frank  Plastina  was  named  to 
those  posts  in  May  after  joining 
Warburg  a  month  before  as  the 


investment  firm’s“executive  in  res¬ 
idence.”  Plastina  had  just  wrapped 
up  a  15-year  career  at  Nortel, 
where  he  was  on  a  short  list  of 
candidates  to  head  up  the  trou¬ 
bled  telecom  vendor.  Through  a 
spokesperson,  Plastina  declined 
to  talk  about  Proxim’s  financials, 
citing  the  Securities  and 
Exchange  Commission  quiet 
period  rules  leading  up  to  the 
company’s  quarterly  earnings 
announcement  July  22. 

“They  haven’t  done  as  well  as 
might  be  expected,”  says  Richard 
Webb,  a  market  analyst  with  Info- 
netics  Research. “They’ve  had  all 


sorts  of  brands  and  all  sorts  of 
brand  names, some  of  them  over¬ 
lapping.  They’ve  had  a  lot  of 
products  on  the  fixed  wireless 
side  and  several  different  wire¬ 
less  LAN  products.  It’s  the  mess 
you  would  expect  from  several 
companies  being  mixed  to¬ 
gether,  which  is  Proxim’s  history’ 
The  mess,  however,  has  started 
to  get  cleaned  up,  Webb  says. 

“They  have  a  much  more  well- 
defined  wireless  portfolio  now;” 
he  says.“That’s  likely  to  help.” 

But  almost  everywhere  Proxim 
turns,  it  faces  entrenched,  strong 
See  Proxim,  page  14 


■  BY  DENISE  DUBIE 

IT  staff  members  at  Mohegan 
Sun  aren’t  allowed  to  bet  at  the 
casino,  and  they  didn’t  want  to 
gamble  with  managing  an  Ether¬ 
net  network  that  supports  6,200 
slot  machines  and  7,500 
switches,  routers  and  servers. 

IT  executives  at  the  Uncasville, 
Conn., casino  say  that’s  why  they 
decided  to  go  with  a  new  ver¬ 
sion  of  NetScout’s  nGenius  Per¬ 
formance  Manager.  NetScout 
this  week  will  introduce  Version 
2.0  of  the  software  and  nGenius 
Probe  Firmware  6.0  for  its  hard¬ 
ware  probes. 

The  upgrades  let  the  software 
and  hardware  combination 
accept  data  from  homegrown 
applications,  monitor  protocol- 
specific  traffic  —  such  as  Cisco’s 
NetFlow  and  Foundry  Networks’ 
sFlow  —  and  consolidate  net¬ 
work  and  application  perfor¬ 
mance  data  in  one  manage¬ 
ment  interface. 

NGenius  Performance  Man¬ 
ager  runs  on  a  server  and  com¬ 
municates  with  the  hardware 
probes  to  collect  application 
and  traffic  data.  The  software 
also  can  poll  devices  and 
servers  to  collect  performance 
metrics.  In  this  release  NetScout 
will  offer  the  software  in  a  pack¬ 
aged  appliance. 

For  the  past  few  years,  Mohe- 


gan’s  Jake  Star  and  his  network 
team  have  used  nGenius  Perfor¬ 
mance  Manager  1.4  to  monitor 
the  casino’s  Cisco  switches  and 
routers,  and  Ipswitch’s  WhatsUp 
Gold  system  management  soft¬ 
ware  to  track  the  status  and 
availability  of  its  more  than  90 
Windows  NT  servers,  seven  IBM 
iSeries  AS/400  mainframes  and 
10  RS/6000  Unix  servers.  But  the 
company  wanted  to  bring  those 
functions  under  one  platform. 

“We  needed  something  to  re¬ 
duce  the  blame  game  between 
the  network  and  applications,” 
says  Star,  vice  president  of  com¬ 
puter  services. 

With  new  features  in  Version 
2.0,  Star  says  the  casino  slowly 
can  phase  out  its  current  network 
monitoring  package  —  Ipswitch’s 
software.  “NetScout  will  be  like 
having  two  tools  in  one,”  he  says. 

The  casino  plans  to  upgrade 
its  nGenius  Performance  Man¬ 
ager  1 .4  software  to  Version  2.0 
next  month.  Currently,  Mohegan 
Sun  manages  the  overall  slot 
machine  network,  but  it  wants 
to  manage  individual  slot 
machines.  Until  each  machine  is 
given  an  IP  address  and  con¬ 
nected  to  the  Ethernet  network, 
the  IT  staff  can’t  track  the  status 
and  health  of  individual 
machines,  Star  says. 

New  features  in  NetScout’s  soft¬ 
ware  could  help  him  track  all 
devices  on  the  Ethernet  network 
from  a  single  -management  inter¬ 
face,  he  says. 

NetScout,  which  competes  with 
Network  Associates  and  Concord 
Communications,  is  looking  to 
provide  its  customers  with  more 
ways  to  slice  and  dice  the  data  its 
software  collects,  says  Stephen 
Elliot,  senior  analyst  at  IDC. 
NetScout  made  its  software  easi¬ 
er  to  use,  but  the  company  could 
do  more  to  integrate  and  get 
value  out  of  other  sources  of  data 
in  enterprise  networks,  he  says. 

“NetScout’s  strength  is  in  the 
network,  and  they  are  starting  to 
expand  into  applications,  but 
there  can  always  be  more  work 
done  on  bringing  up  the  data 
they  collect  in,  say  storage  and 
other  systems,”  Elliot  says. 

NetScout’s  nGenius  Perform¬ 
ance  Manager  2.0  costs  $50,000, 
and  its  nGenius  Probe  Firmware 
6.0  starts  at  about  $8,000  per 
probe.  The  products  are  sched¬ 
uled  to  be  available  by  the  end 
of  the  month.  ■ 


AT&T,  MCI  firm  up  Wi-Fi  VPN  access  plans 


■  BY  DENISE  PAPPALARDO 

The  two  largest  carriers  are  getting  closer  to 
offering  Wi-Fi  VPN  access  for  customers  who 
spend  lot  of  time  on  the  road. 

AT&T  last  week  signed  a  deal  with  Gric  Com¬ 
munications  that  will  let  AT&T  customers 
access  2,000  Wi-Fi  hot  spots  around  the  world 
by  year-end.  MCI  also  announced  a  deal  with 
Wayport  that  will  let  Internet  customers  access 
MCI’s  network  through  600  hot  spots  in  the  U.S. 

Both  carriers  are  partnering  with  service 
providers  that  have  built  out  wireless  LAN 
(WLAN)  access  points,  rather  than  building 
their  own  infrastructure. 

“Wireless  access  has  not  yet  become  a 
firm  requirement  for  enterprises,  but  a  lot  of 
people  are  interested  in  offering  Wi-Fi  to 
their  sales  force  and  remote  field  workers," 
says  David  Willis, an  analyst  at  Meta  Group.lt 
makes  sense  that  AT&T  and  MCI  offer  WLAN 
options  to  users  who  already  are  buying 
larger  remote-access  plans  that  might 


include  dial-up,  DSL  or  cable  modem  ser¬ 
vice,  Willis  says. 

“We  are  creating  a  global  footprint  of  hot 
spots  through  aggregators  like  Gric  and 
through  direct  relationships  with  wireless 
ISPs  like  Cometa  and  others,”  says  Rick 
Gretsch,  director  of  global  product  manage¬ 
ment  for  IP  services  at  AT&T. 

Gric  works  with  hundreds  of  ISPs  to  create 
a  global  network  of  Wi-Fi,  dial-up  and  DSL 
Internet  connectivity.  By  teaming  with  Gric, 
AT&T  has  access  to  2,000  access  points 
almost  overnight. 

But  Wi-Fi  will  not  be  available  to  AT&T  users 
until  sometime  in  the  fourth  quarter,  Gretsch 
says.  AT&T  is  in  the  process  of  updating  its 
client  software  to  include  WLAN  support 
that’s  specific  to  Gric’s  network,  he  says. 

The  idea  is  to  let  users  click  on  their  client 
software  in  any  airport,  convention  center  or 
hotel,  and  a  list  of  AT&T  Wi-Fi  access  points 
will  be  presented.  Once  the  user  designates  a 
hot  spot,  the  software  also  will  automatically 


change  the  user’s  Service  Set  Identifier  num¬ 
ber  to  comply  with  that  hot  spot.The  software 
then  automatically  would  change  back  to  the 
user’s  standard  setting  when  the  session  is 
over,  so  when  he  returns  to  his  home  office 
he  can  use  his  local  WLAN  without  making 
changes,  Gretsch  says. 

Wi-Fi  support  is  expected  to  be  available  to 
AT&T  Business  Internet  and  IP  Security- 
based  VPN  customers  by  year-end.  Pricing 
has  yet  to  be  determined. 

After  tipping  its  hand  in  June  about  its  Wi-Fi 
service  plans,  MCI  announced  it  will  offer 
WLAN  access  to  its  Internet  customers  by  the 
end  of  the  month  through  Wayport.  Wayport 
is  also  trialing  a  Wi-Fi  service  with 
McDonald’s  that  MCI  customers  in  the  San 
Francisco  Bay  area  will  be  able  to  use  in  the 
restaurant. 

MCI  says  it  will  offer  Wi-Fi  VPN  access  this 
fall.  Pricing  details  also  are  unannounced, 
although  the  carrier  says  it  will  offer  an 
hourly  service  rate.  ■ 
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Boeing  lets  single  sign-on  project  fly 

Effort  with  Southwest  Airlines  exploits  identity  management  technology. 


■  BY  JOHN  FONTANA 

SAN  FRANCISCO  —  Boeing  last 
week  made  public  the  first  phase 
of  a  standards-based  identity 
management  project  that  could 
serve  as  an  industry  model  for 
integrating  single  sign-on  access 
controls  across  business  partners’ 
networks. 

At  the  Burton  Group  Catalyst 
conference,  the  airplane  maker 
unveiled  the  deployment  of  a  pro¬ 
ject  with  Southwest  Airlines  that 
provides  the  carrier’s  mechanics 
access  to  electronic  repair  manu¬ 
als  on  Boeing’s  internal  networks 
based  on  the  mechanics’  regular 
logon  to  Southwest’s  network. 

Boeing  described  the  deploy¬ 
ment  as  the  beginning  of  a  “seam¬ 
less  business  Web”  that  will  sim¬ 
plify  business-to-business  rela¬ 


tionships  and  validate  the  integra¬ 
tion  power  of  Web  services. 

The  seamless  relationship 
means  that  Southwest  employees 
need  only  their  single  corporate 
logon  to  access  data  they  need 
from  their  employer  network  and 
from  corporate-partner  Boeing. 

And  it  provides  Boeing  with  a 
centralized,  scalable,  extensible 
and  secure  standards-based  mec¬ 
hanism  it  can  reuse  among  busi¬ 
ness  partners  to  control  Web- 
based  access  to  its  internal  appli¬ 
cations  and  data. 

The  deployment  is  significant 
not  only  for  the  efficiencies  and 
cost  savings  it  provides,  but 
because  it  is  the  marquee  rollout 
of  a  single  sign-on  system  that’s 
based  on  the  Security  Assertion 
Markup  Language  (SAML),  an 
XML-based  standard  protocol  for 


exchanging  user  authentication 
and  authorization  data  across 
corporate  systems. 

SAML  was  developed  by  the 


Organization  for  the  Advance¬ 
ment  of  Structured  Information 
Standards  (OASIS)  and  has 
gained  favor  mostly  through  sup¬ 
port  in  Web  access  management 
products  and  the  Liberty  Al¬ 
liance,  a  consortium  developing  a 


federated  identity  framework. 
OASIS  says  it  hopes  to  make  avail¬ 
able  on  its  Web  site  details  of 
Boeing’s  SAML  deployment  as  a 


reference  architecture. 

“If  we  can  deliver  services  to 
our  customers  that  they  can  inte¬ 
grate  into  their  environments 
then  we  become  indispensable,” 
says  Mike  Beach,  associate  tech¬ 
nical  fellow  for  security  and 


Boeing  officials  say  they  hope  to  have 
1,000  applications  integrated  with  the 
company's  single-sign-on  system  by  the 
end  of  next  year. 


Zultys  releases  IP  PBX  for  smaller  shops 

SIP  and  Linux  technology  converge  in  a  branch-office  IP  telephony  appliance. 


BY  PHIL  HOCHMUTH 
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IP  telephony  start-up  Zultys  Tech¬ 
nologies  is  expected  this  week  to 
announce  a  small-office  version 
of  its  IP  PBX  that  can  cost  less  than 
circuit-switched  telephone  key 
systems,  or  small  PBXs,  while  pro¬ 
viding  converged  IP-based  voice/ 
data  applications  that  aren’t  sup¬ 
ported  on  traditional  small-office 
systems. 

The  MX250  is  a  hardware/soft¬ 
ware  bundle  that  integrates  IP 
telephony,  and  WAN  routing  and 
security  into  one  embedded-Linux 
appliance.The  MX250  supports  up 
to  250  phones.  The  vendor  touts 
the  box  as  a  complete  IP  tele¬ 
phony  product  for  small  business¬ 
es,  or  as  a  distributed  site  IP  PBX 
for  larger  companies  with  many 
branch  offices. 

The  MX250,  like  Zultys’  larger 
MX  1200  (1, 200-phone  box  introduced  in  Feb¬ 
ruary),  uses  Session  Initiation  Protocol  na¬ 
tively  for  its  call-control  technology,  letting  the 
device  work  with  any  standard  SIP-based 
hardware  phone  (from  Alcatel,  Cisco,  Mitel, 
Nortel  and  PingTel)  or  with  SIP-based  soft- 
phone  clients,  including  Microsoft’s  Windows 
Messenger  software.Some  vendors  offer  SIP  as 
an  add-on  protocol,  or  encapsulate  SIP  inside 
proprietary  or  H.323-based  protocols,  on  their 
IP  PBXs. 

SIP  technology  also  is  incorporated  into  sev¬ 
eral  applications  on  the  MX250.The  appliance 
can  act  as  a  messaging  server  for  a  PC-based 


Many-in-one  branch  box 


Zultys’  MX250  supports  converged  IP  voice/data 
applications  usually  not  found  in  small-office  IP  PBXs. 


MX250  software  stack 

Application  platform  running: 
voice  mail  (with  Outlook  interface),  automated 
attendant,  VoiceXML  services. 

SIP-based  call  control/call  features  application. 

Embedded  Linux  operating  system  running: 
firewall  services,  WAN  routing, 
IPSecVPN  hosting. 
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client  application  that  incorporates  voice  mail 
access  with  Microsoft  Outlook  email,  along 
with  instant  messaging  and  presence.  A  sepa¬ 
rate  application, say  for  a  corporate  reception¬ 
ist,  can  be  used  to  track  the  availability  of 
employees,  via  phone,  email  or  cell  phone, 
and  forward  calls  and  messages  accordingly. 

A  voice  mail  system  is  included  in  the 
MX250.  Messages,  in  the  form  of  WAV  files,  can 
be  stored  on  the  box’s  internal  hard  drive  or 
on  an  attached  storage  device,  such  as  tape 
drive  or  network-attached  storage  appliance. 
The  MX250  can  terminate  fax  messages  and 
route  faxes  to  Outlook  in-boxes. 


Built  into  the  MX250’s  Linux  ker¬ 
nel  are  WAN  routing  and  firewall 
modules.  Also  included  are  VPN 
services,  which  can  let  remote 
users  with  Internet  connections 
log  into  the  box  securely  for 
phone  access  and  to  use  messag¬ 
ing  applications  as  if  they  were  in 
the  office,  the  company  says.  The 
box  uses  key  exchange  technol¬ 
ogy  128-bit  Advanced  Encryption 
Standard  and  Diffie-Hellman. 

Along  with  encryption,  the 
MX250  uses  the  standard  G.729 
voice-over-IP  (VoIP)  compression 
codec  to  support  remote  users. 
G.729  compresses  traffic  for  WAN 
IP  phone  users  from  an  uncom¬ 
pressed  bit  rate  of  64K  bit/sec 
(which  could  overwhelm  some 
dial-up  or  broadband  connec¬ 
tions)  down  to  8K  bit/sec.  On  LAN 
connections,  where  bandwith  is 
plentiful,  the  MX250  processes  traf¬ 
fic  uncompressed  for  greater  clarity 

The  hardware  in  the  appliance  includes  dual 
IBM  PowerPC  chips  and  an  embedded  Linux 
operating  system  from  Monta  Vista  Software. 
Two  MX250s  can  be  set  up  for  redundancy,  let¬ 
ting  one  box  take  over  if  the  other  fails. 

The  MX250  will  compete  with  small-office 
VoIP  gear  such  as  3Com’s  NBX100,  Avaya’s  IP 
Office,  Cisco’s  ICS-7700  series  and  MCS-7800 
series,  Nortel’s  Business  Communications 
Manager. 

The  MX250  costs  $44,000  for  the  appliance 
hardware,  applications  and  Zultys  Zip2  SIP- 
based  IP  phones  for  250  users.  ■ 


directory  services  at  Boeing.  “We 
think  SAML  is  huge.” 

How  they  do  it 

Boeing  uses  SAML  to  streamline 
access  to  its  MyBoeingFleet  Web 
portal,  which  provides  customers 
access  to  data  required  to  oper¬ 
ate  and  maintain  Boeing  aircraft. 
Single  sign-on  lets  Boeing  make 
the  data  directly  available  in  a 
maintenance  hangar  without 
having  to  provide  and  maintain  a 
set  of  user  credentials  for  South¬ 
west  employees.  Southwest  mec¬ 
hanics  use  notebook  computers 
to  display  electronic  manuals 
right  at  their  work  sites. 

Using  customized  Web  access 
management  software  from  Ob- 
lix,  Boeing  created  a  single  sign- 
on  environment  that  supports 
thousands  of  users  at  Southwest. 
The  airline  operates  350  Boeing 
737s  in  58  cities. 

The  mechanics  access  the 
Southwest  site  using  their  corpo¬ 
rate  logon.  In  the  background, 
the  user  is  passed  a  Southwest 
SAML-enabled  encrypted  cook¬ 
ie.  From  a  portal  application,  the 
users  can  see  their  daily  work 
responsibilities,  including  which 
airplanes  they  are  assigned  to 
repair  and  links  to  the  manuals 
they  will  need. 

When  the  user  clicks  on  the 
SAML-enabled  links  to  the  Boeing 
manuals,  the  system  initiates  the 
exchange  of  SAML  credentials. 
Southwest’s  site  generates  a  digi¬ 
tally  signed  SAML  assertion, 
which  contains  information  on 
the  user  and  his  access  rights.The 
signed  assertion  is  returned  to  the 
mechanic’s  browser,  and  the 
browser  delivers  the  assertion  to 
the  Boeing  SAML  service,  which 
sits  on  the  edge  of  the  Boeing  net¬ 
work  and  outside  its  firewall. The 
Boeing  SAML  service  verifies  the 
Southwest  assertion  and  links  it 
to  an  entry  for  that  user  stored  in 

See  Boeing,  page  56 
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Read  more  about  what  happened  at  the 
Catalyst  Conference. 
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Beth  took  second  place  in  a 
local  beauty  pageant. 

She  got  a  curling  iron  and  a  set  of 
plumbing  tools  from  the  proud  sponsors. 
Way  to  knock  'em  dead,  Beth. 
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EMC 

continued  from  page  1 

Group.  “Customers  lose  their  lev¬ 
erage  in  consolidated  markets. 
Vendors  can  control  pricing  a  lit¬ 
tle  better.” 

Analysts  say  a  variety  of  storage 
technologies  remain  targets  for 
acquisition  by  EMC,  HF?  IBM  and 
Veritas. 

“The  whole  area  of  storage  vir¬ 
tualization  or  abstraction,  and 
along  with  that  any  number  of 
storage  management  software 
vendors,  are  ripe  for  acquisition 


Legato  was  a  player  in  this  seg¬ 
ment  with  its  acquisition  of  OTG 
Software  last  year. 

Backup  is  another  area  that 
might  spur  further  consolida¬ 
tion,  Babineau  says. 

“The  next  round  of  acquisi¬ 
tions  comes  around  the  back-up 
area  because  that’s  where  there’s 
still  the  most  pain  for  customers,” 
he  says. “Companies  like  Revivio 
and  Timespring,  which  are  build¬ 
ing  niche  technologies  that  solve 
real  business  problems.  Bocada 
and  Avamar  have  great  back-up 
strategies.  They  need  to  find 


Storage  consolidation 


Other  notable  acquisitions  and  mergers  over  the 
past  three  years. 


Date 

Company  Acquired 

Technology 

Feb.  '00 

CA 

Sterling 

Software 

Network,  storage,  application  management 

July  '00 

Cisco 

NuSpeed 

iSCSI  switch 

Dec.  ’00 

Emulex 

Giganet 

High-speed  cluster 

Feb.  ’01 

Sun 

LSC 

Clustering  software 

Mar.  ’01 

Sun 

Highground 

Storage  resource  management 

July  '01 

HP 

StorageApps 

Storage  virtualization  hardware 

Sept.  *01 

EMC 

Luminate 

Storage  performance  monitoring 

Feb.  '02 

Legato 

OTG  Software 

E-mail/content  archiving 

May  '02 

HP 

Compaq 

Storage  hardware/software 

July  *02 

Hitachi 

IBM’s  hard  disk  drive  assets 

Aug.  ‘02 

Cisco 

Andiamo 

Networks 

Director-level  Fibre  Channel  switch 

Au^.  *02 

IBM 

Trellisoft 

Storage  resource  management  software 

Sept.  '02 

Sun 

. 

Pirus 

Storage  virtualization  switch 

Oct.  02 

Brocade 

Rhapsody 

Director-level  Fibre  Channel  switch 

April  '03 

CNT 

InRange 

Director-level  Fibre  Channel  switch 

Jufy  *03 

Veritas 

Precise 

Application  and  storage  management 

July  *03 

EMC 

BMC’s  Patrol  Storage  Manager 

July  '03 

EMC 

Legato 

Backup  and  recovery,  clustering,  hierarchical 
storage  management,  archiving  software 

by  the  major  systems  vendors,” 
says  Ron  Johnson,  senior  partner 
for  the  Evaluator  Group. 

As  the  products  become  more 
acceptable  to  end  users,  you  are 
going  to  see  the  systems  vendors 
like  IBM  and  HP  move  into  ac¬ 
quisition  mode  to  make  them¬ 
selves  more  competitive,"  he 
adds.  “[Virtualization  start-ups] 
DataCore  and  Falconstor,  in  par¬ 
ticular,  are  ready  for  acquisition.” 

Ray  Paquet,  research  director 
for  Gartner,  points  to  another  area 
that  has  gained  attention  recently 
thanks  to  heightened  enforce¬ 
ment  of  government  regulations. 

“1  would  say  the  next  set  of 
acquisitions  in  storage  would  be 
in  the  archiving  and  life-cycle 
management  products,"  Paquet 
says.  "KVS,  Educom  TS,  Outerbay 
Princeton-Softek  would  be  the 
likely  companies  [to  be 
acquired]." 


channel  relationships  with  large 
storage  vendors  before  an  acqui¬ 
sition  will  be  considered.” 

EMC's  explanation 

EMC  expects  the  Legato  deal  to 
fill  gaps  in  its  product  line,  build 
a  software  sales  force  and  in¬ 
crease  its  share  of  revenue  devot¬ 
ed  to  software.  Long  considered 
an  acquisition  target.  Legato  pro¬ 
vides  software  that  EMC  has 
identified  as  being  crucial  to 
what  it  calls  a  well-rounded  in¬ 
formation  life-cycle  manage¬ 
ment  software  portfolio:  backup 
and  recovery,  clustering,  server- 
based  replication,  hierarchical 
storage  management  and  e-mail/ 
content  archiving  software. 

”1  am  100%  convinced  that  the 
next  big  thing  in  storage  software 
is  to  manage  the  complete  life 
cycle  of  data,  from  inception,  to 
archive,  to  disposal,  while  assur¬ 


ing  business  continuity”  said 
EMC  CEO  and  President  Joe 
Tucci  in  announcing  the  deal 
last  Tuesday 

“The  management  of  data  cre¬ 
ation,  archiving  and  retrieval  of 
data  is  increasingly  important  as 
organizations  are  forced  by  gov¬ 
ernment  regulations  to  retain 
data  for  longer  periods  of  time,” 
he  said. 

Not  everyone  sees  the  Legato 
deal  as  a  big  plus  for  EMC. 

“EMC  has  not  bought  much  in 
the  way  of  technology  —  Leg- 
ato’s  [back-up  and  recovery  soft¬ 
ware]  is  a  me-too  technology?’ 
says  Ashok  Kumar,  senior  analyst 
with  US  Bancorp  Piper  Jaffray. 
“The  bottom  line  is  that  Legato 
has  400-strong  indirect  channel 
partners  that  generate  about 
three-quarters  of  their  business. 
The  question  is  whether  EMC 
will  be  able  to  leverage  that  to 
sell  their  software  products,  be 
cause  the  problem  they  face 
right  now  is  they  don’t  have  a 
channel  for  their  software.” 

The  acquisition  of  Legato  will 
add  one  percentage  point  to 
EMC’s  present  23%  software  rev¬ 
enue,  according  to  the  company. 
To  reach  its  30%  goal  for  software 
revenue  by  the  end  of  2004,  the 
company  says  it  must  expand  its 
sales  channels  and  make  an¬ 
other  big  acquisition. 

Legato  suffered  financially  in 
recent  years  as  competitors  such 
as  Veritas  ate  into  its  back-up  and 
recovery  business.  The  com¬ 
bined  companies  will  have 
18,700  employees  and  $5.8  bil¬ 
lion  in  revenue.  Legato  will  be 
operated  as  a  software  division 
of  EMC. 

Start-ups  for  sale 

Unlike  the  EMC-Legato  meld¬ 
ing  of  heavyweights,  most  stor¬ 
age-related  acquisitions  involve 
start-ups,  which  analysts  say  gen¬ 
erally  must  be  acquired  either 
because  they  run  out  of  money 
or  they  fail  to  sell  products. 

“They  spend  too  much  time 
focusing  on  technology  and  not 
enough  on  how  to  sell  it,”  says 
Jamie  Gruener,  senior  analyst 
with  The  Yankee  Group.  “These 
companies  haven’t  developed  a 
clear  channel,  customer  confi¬ 
dence,  partners  that  will  service 
the  products  or  OEM  relation¬ 
ships  —  all  the  sorts  of  things 
that  have  to  happen  to  be 
successful.” 

Most  notable  are  the  compa¬ 
nies  that  have  focused  on  the 
high-speed  InfiniBand  bus. While 
no  analyst  would  call  InfiniBand 
dead,  few  vendors  remain  in 
their  original  condition.  Omega- 


band  and  Paceline  have  ceased 
operations.  Essential  Commun¬ 
ications  was  acquired  by  SBS. 
And  Vieo,  Banderacom,  IBM  and 
Intel  got  out  of  the  faltering 
InfiniBand  business. 

Among  the  InfiniBand  compa¬ 
nies  that  remain  are  Topspin, 
Infinicon  and  Fabric  Networks, 
which  was  formed  by  the  merger 
of  Lane  15  and  InfiniSwitch. 

Network-attached  storage 
(NAS)  vendors  also  have  suf¬ 


fered  at  the  hands  of  more  pow¬ 
erful  competitors  such  as  EMC, 
Network  Appliance  and  Micro¬ 
soft’s  Windows  Pbwered  NAS. 
Among  the  NAS  vendors  that  no 
longer  exist  are  Auspex,  Ikadega, 
Scale8,  Swarm  Networks, TimesN 
Systems,  Tricord  Systems  and 
Zambeel.M 
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Proxim 

continued  from  page  10 

competition  against  a  backdrop 
of  free-falling  wireless  LAN 
(WLAN)  hardware  prices.  In  tra¬ 
ditional  WLAN  markets,  such  as 
logistics,  warehousing  and  retail¬ 
ing,  Symbol  Technologies  com¬ 
mands  near-fanatical  customer 
loyalty,  according  to  Webb.  In  the 
general  office  market,  which  has 
been  slow  to  adopt  WLANs  on  a 
large  scale,  Cisco  commands 
customer  attention  because  it 
already  dominates  the  enter¬ 
prise  network  infrastructure. 

Gartner  says  Proxim  ranks  sec¬ 
ond  behind  Cisco  in  enterprise 
WLAN  hardware  revenue  and  is 
fifth  in  unit  shipments  behind 
the  likes  of  D-Link  Systems  and 
Linksys,  which  are  strong  on  the 
consumer  front. 

One  Wall  Street  analyst,  who 
spoke  on  condition  of  anonym¬ 
ity,  says  Proxim’s  legacy  WLAN 
product  lines  have  “fallen  off  a 
cliff”  in  the  past  one  to  two  quar¬ 
ters.  He  estimates  that  only 
about  $13  million  of  Proxim’s 
quarterly  $40  million  revenue  is 
from  802.11  product  sales.  And 
the  fixed  wireless  portfolio  has 
been  weakened  as  it  goes 
through  a  transition. 

Emerging  from  this  transition 
can’t  come  soon  enough  for 
investors  who  at  one  point  saw 
the  per-share  stock  price  dip  so 
low  that  Nasdaq  warned  it  was 
considering  delisting  Proxim. 
From  a  high  of  about  $25  per 
share  in  2001,  the  stock  eventu¬ 
ally  hit  bottom  at  40  cents.  After 
the  company’s  financial  warn¬ 
ing  and  the  resignations  last 
Monday,  the  stock  price  dropped 
from  about  $1.70  to  $1.30  on 
Tuesday,  and  on  Wednesday  to 
about  $1.20. 

The  results  are  striking  when 
compared  with  the  aggressive 
strategy  Zakin  and  King  launch¬ 
ed  when  they  merged  Western 
Multiplex,  a  company  selling 
outdoor,  high-bandwidth  fixed 
wireless  products,  with  Proxim 
last  year. 


After  that  merger,  Proxim 
bought  out  the  Orinoco  WLAN 
product  line  and  brand  from 
Lucent  spin-off  Agere  Systems,  a 
move  that  was  intended  to  solid¬ 
ify  Proxim’s  presence  in  the  gen¬ 
eral  enterprise  market.  Its  exist¬ 
ing  Harmony  line  of  WLAN 
products  was  phased  out  in 
favor  of  the  better-known  Ori¬ 
noco  label. 

Last  December  the  company 
announced  a  big  reorganiza¬ 
tion,  with  King  shifting  from  his 
duties  as  president  and  COO  to 
vice  chairman.  And  Zakin  tem¬ 
porarily  took  on  the  duties  of 
both  titles  left  vacant  by  King’s 
transfer,  in  addition  to  his 
responsibilities  as  chairman 
and  CEO.  At  the  same  time,  four 
operating  divisions  were  con¬ 
solidated  into  two;  and  the 
board  launched  a  search  for  a 
new  president.  In  May,  Plastina 
came  aboard. 

Despite  its  troubles,  observers 
say  Proxim  shouldn’t  be  writ¬ 
ten  off. The  company  continues 
to  innovate  and  evolve  its  prod¬ 
ucts,  recently  getting  its  802. 1 1  g 
gear  certified  by  the  Wi-Fi 
Alliance. 

“Proxim  is  still  in  the  game," 
lnfonetics’Webb  says.B 


\  I  / 


■  THIS  WEEK'S  QUESTION: 


Wireless  LAN  start-up 

i 

Strix  Systems  gets  its 
name  from  the  Latin 
word  for  which  animal? 
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SIMPLIFY,  SAVE, 

SUCCEE 


COMPANIES  SEE  BETTER  BUSINESS  RESULTS,  NEW  COMPETITIVE  EDGE, 
FROM  INVESTMENT  IN  INTEL®-BASED  PLATFORMS 


Efficient,  economical  and  reliable.  These  qualities 
give  upstart  air  carrier  JetBlue  its  distinct  compet¬ 
itive  advantage  in  the  turbulent  airline  industry. 
Amidst  competitors  known  for  late  planes,  dimin¬ 
ished  service  and  inflated  costs,  JetBlue's  planes  fly 
on-time,  with  top-flight  service,  and  at  bargain 
basement  passenger  fares.  To  maintain  this  edge, 
the  company  builds  its  business  systems  upon  an 
equally  qualified  IT  architecture. 

Since  its  start-up  in  2000,  JetBlue  has  standardized 
on  a  single  computing  architecture — Intel. The  air¬ 
line’s  massive  data  warehouse  and  frequent  flier 


program.TrueBlue,  are  housed  on  a  range  of  4-,  8- 
and  16-way  Intel®  Itanium®  2-based  Unisys 
ES7000  servers  on  Microsoft  Windows*.  And 
JetBlue's  online  reservation  system,  which  delivers 
72  percent  of  JetBlue’s  revenue,  is  about  to  be 
moved  onto  Intel’s  new,  enhanced  platform,  the 
Intel®  Itanium®  2  processor  6M  L3.  Additionally, 
the  airline  runs  its  internal  operations  on  roughly 
250  Intel®  Xeon™  processor-based  HP  servers. 

As  a  result  of  this  consolidation  onto  a  single  pow¬ 
erful  platform,  JetBlue  hasn’t  Just  boosted  comput¬ 
ing  power — it's  saved  an  estimated  60  percent  in 
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Intel  Alliance  Profile: 

Hewlett-Packard1 

In  the  midst  of  tough  economic  times,  companies  are 
challenged  to  meet  critical  objectives  such  as  cutting 
costs  while  keeping  pace  with  the  enormous  rate  of 
change  and  creating  solutions  to  drive  the  business  for¬ 
ward.  Together,  HP  and  its  partners  are  enabling  cus¬ 
tomers  like  Raymond  James  and  Johns  Hopkins 
University  to  manage  change  and  get  more  from  their  IT 
investments — more  accountability,  more  agility  and  a 
better  return  on  information  technology. 

Raymond  James  Financial,  one  of  the  largest  financial  serv¬ 
ices  firms  in  the  United  States,  is  building  a  data  ware¬ 
house  and  decision  support  system  for  more  than  5,000 
financial  advisors  nationwide  using  a  next-generation 
Itanium  2-based  Superdome*  server  from  HR  “We  need¬ 
ed  an  architecture  with  exceptional  performance  and  seal- 
ability  that  would  help  us  drive  down  IT  costs,”  says  Tim 
Eitel,  CIO,  Raymond  James  Financial. “Our  HP  and 
Windows*-based  solution  gives  us  the  processing  power 
and  scalability  for  a  massive  database  and  data  warehouse 
solution  at  an  exceptional  value.” 

The  Johns  Hopkins  University  project  maps  the  universe 
as  a  participant  in  the  Sloan  Digital  Sky  Survey  (SDSS)  and 
is  currently  handling  over  100  million  galaxies  in  several 
databases,  stored  in  Microsoft  SQL  Server*  2000.  “With 
each  successive  generation  of  Itanium-based  servers  from 
HP,  we  have  reduced  the  time  it  takes  to  analyze  the  sta¬ 
tistical  properties  of  galaxies  and  other  objects  by— in 
some  cases — months,”  reports  Alex  Szalay,  Alumni 
Centennial  professor,  Johns  Hopkins  University. 

But  performance  is  only  part  of  the  story,  Itanium  2- 
based  HP  systems  offer  breakthrough  flexibility — with 
the  ability  to  run  HP-UX*,  Microsoft  Windows*  or 
Linux*  on  an  industry  standard  Itanium  2-based  plat¬ 
form.  What's  more,  with  Itanium  2-based  HP  solutions, 
customers  can  achieve  more  agility,  more  accountability, 
and  better  return  on  IT  than  ever  before.  For  more 
information  visit  www.hp.com/go/itanium 


operational  costs  by  not  having  to  hire  people  needed 
to  support  multiple  platforms. This  all  contributes  to  an 
impressive  bottom  line:  in  an  industry  where  competi¬ 
tors  increasingly  bleed  red  ink,  JetBlue  grew  63  percent 
in  the  first  quarter  of  2003.  Part  of  that  growth  easily  can 
be  attributed  to  smart  IT  spending. 

“When  JetBlue  considers  a  server  solution,  we  have 
three  important  criteria:  scalability,  manageability  and 
availability,''  says  airline  Vice  President/CIO  Jeff  Cohen.  "In 
these  areas,  [Intel]  has  been  very  good  to  us.” 

Of  course,  you  needn't  be  a  high-flying  startup  to  benefit 
from  efficient,  economical  and  reliable  systems.  At  a  time 
when  IT  budgets  remain  constrained  by  the  weakened 
economy  IT  leaders  throughout  the  industry  are  increas¬ 
ingly  turning  to  the  same  scalable  solutions,  for  the  same 
solid  business  results,  that  have  fueled  JetBlue's  success. 

COMMON  CHALLENGES, 

UNIQUE  SOLUTIONS 

Operating  costs.  Maintenance.  Infrastructure  upgrades. 
These  are  among  the  top  challenges  for  IT  leaders  who 
struggle  to  minimize  new  spending — while  also  consoli¬ 
dating  and/or  upgrading  back-end  servers  to  maximize 
front-end  business  processes.  It’s  almost  a  Catch-22,  this 
notion  of  simultaneously  controlling  costs  while  unleash¬ 
ing  new  computing  power  and  delivering  greater  business 
value.  Yet  companies  such  asT  Rowe  Price,  Monster  and 
NASDAQ  have  met  these  objectives  by  building  their  sys¬ 
tems  upon  flexible,  scalable  and  reliable  Intel  architecture- 
based  computing  platforms.  Among  the  business  benefits 
these  companies  have  gained  through  smart  investments: 

Competitive  Advantage  (see  “Successfully 

Managing  Rapid  Growth  at  Monster") 

Simplified  IT  Environments  less  costly  to  main¬ 
tain  (see  “Server  Consolidation  atT  Rowe  Price”) 

Greater  Productivity  and  Enhanced  TCO 

(see  “Powering  the  Enterprise  at  NASDAQ") 

Like  business/IT  leaders  everywhere,  Doug  Busch,  vice¬ 
president/CIO  at  Intel,  struggles  with  the  same  daunting 
business  and  technology  challenges.  And  like  his  peers, 
Busch  strives  to  do  more  than  just  maintain  his  firm’s  tech¬ 
nology  status  quo — he's  also  building  for  the  future.  To 


Intel  in  Action:  Server 
Consolidation  at  T.  Rowe  Price1 

Application  and  server  consolidation:  they’re  among  the 
most  compelling  uses  for  Intel  architecture-based  platforms. 
Intel-based  systems  enable  multiple  and  diverse  operating 
systems  and  application  stacks  to  be  consolidated  onto  a  sin¬ 
gle  four-way,  eight-way  or  above  server  without  the  cost  and 
complexity  of  software  migration  and  restrictive  proprietary 
server  technologies. 

Leading  investment  management  firm  T.  Rowe  Price  sought 
an  IT  department’s  wish  list:  reduced  server  and  storage 
costs,  improved  manageability  and  greater  flexibility  with 
headroom  for  future  growth. The  answer:  consolidation  on 
Intel-based  servers. 

Boasting  $140  billion  in  managed  assets, T.  Rowe  Price  is  in 
the  process  of  consolidating  a  wide  variety  of  off-the-shelf 
and  custom  applications  on  its  Intel-based  servers.  At  last 
check,  the  firm  had  attained  a  server  consolidation  ratio  of 
26:7  enroute  to  a  goal  of  10:1. 

To  get  there.T.  Rowe  Price  consolidated  26  two-  and  four-way 
Intel-based  servers  onto  two  six-way,  and  five  four-way  servers 
using  advanced  tools  fromVMware  and  Aurema.The  VMware 
ESX  Server*  offering  creates  virtual  machines-  each  isolated 
from  each  other — that  enable  multiple  operating  systems  and 
application  stacks  to  run  efficiently  on  a  single  Intel-based 
server. The  26:7  ratio  was  chosen  to  ensure  quick  payback  for 
the  project  and  to  provide  substantial  room  for  growth. 

T.  Rowe  Price  has  found  the  environment  much  easier  to 
manage,  as  changes  are  easily  implemented  right  up  to  appli¬ 
cation  landing  dates.  As  an  additional  sign  of  a  smooth 
deployment,  the  support  staff  has  not  yet  received  a  single 
customer  complaint.  Now  the  development  teams  can  more 
quickly  test  and  deploy  new  applications,  while  also  support¬ 
ing  multiple  versions  for  each  as  each  package  evolves. 

For  more  information  on  T.  Rowe  Price,  visit 
www.troweprice.com/ 
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achieve  these  goals,  Busch  and  his  IT  staff  have  put  their  own 
lntel®-based  server  innovation  to  work,  and  the  investment 
has  paid  off  in  ways  that  also  benefit  Intel's  customers. 

Since  1 999,  Busch  and  his  team  have  achieved  huge  savings 
by  transitioning  the  company's  1 6,000-server  global  com¬ 
puting  environment  to  server  solutions  based  on  the  Intel® 
Xeon™  processor  family.  And  with  the  anticipated  cost  sav¬ 
ings  from  Itanium®  2-based  servers,  Intel’s  IT  infrastructure 
will  run  on  complementary  platforms  that  deliver  better 
business  results  faster  and  more  cost-effectively  than  their 
predecessors  or  competing  architectures. 

"Given  that  newer  platforms  become  faster  and  less  expen¬ 
sive  over  time,  the  way  we  approach  a  server  upgrade  is  to 
start  with  a  clean  sheet  of  paper”  says  Busch,  who  oversees 
Intel's  4,000-person  global  technology  unit.  In  advising  cus¬ 
tomers  how  to  achieve  greater  computing  power  and  costs 
savings  in  their  own  enterprises,  Busch  recommends  the  same 
methodology  he  employed:  (.Assess  your  company’s  com¬ 
puting  requirements;  2.  Evaluate  computing  price/perform¬ 
ance  trends;  3.  Calculate  the  Total  Cost  of  Ownership 
(TCO)  of  a  refresh;  4.  Compare  theTCO  of  a  refresh  to  the 
cost  of  simply  buying  more  of  what's  already  in  place — includ¬ 
ing  hardware,  software  licensing  and  operational  expenses. 

Typically  a  refresh  provides  a  lower  cost  structure,  Busch 
says,  and  enables  IT  departments  to  build  a  scalable,  man- 


INTEL®  XEON™  PROCESSOR  MP 

Ideal  for  Mid-Tier  CRM,  SCM  and 
Business  Intelligence 

Aimed  at  medium-sized  computing  environments,  this 
32-bit  platform  is  optimized  for  midsize  computer 
workloads  in  the  application  and  small  to  medium  data 
tiers.  Ideal  for  customer  relationship  management,  site 
management,  business  intelligence  and  supply  chain 
management. 

»  For  databases  <4- 1 6  gigabytes  of  memory 
»  Broad  ecosystem  of  standard  solution  providers 
»  Broad  deployment  enhances  interoperability 
across  platforms 

»  Runs  thousands  of  applications 

For  more  information  on  Intel®  Xeon™  processor 

MP-based  servers,  visit  www.intel.com/adlservers 
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INTEL®  ITANIUM®2  PROCESSOR  6M: 
INDUSTRY-LEADING 
PERFORMANCE  RESULTS 

1  Source  www.tpc.org:  Intel®  Itanium®  2  processor  results  on  HP  Server  rx5670  :  using  4  Intel®  Itanium®  2  proces¬ 
sors  1.50  GHz  with  6MB  L3  cache.  64GB  memory.  Microsoft  Windows'  Server  2003.  Enterprise  Edition  and 
Microsoft  SQL  Server  2000  '  Enterprise  Edition  64-bit.  $4.97  $/tpmC,  availability  date  8/ 1/03.  Alpha  results  of  56. 3K 
and  $9.44  price/tpmC  on  HP  AlphaServer  using  4  ES45  processors  1.25  GHz.  32GB  memory,  availability  09/27/02. 

2  Source:  www.sap.com/benchmark.  Intel®  Itanium®  2  processor  results  measured  on  HP  Server  rx5670;|i  using  4 
Intel®  Itanium®  2  processors  1.50  GHz  with  integrated  6MB  L3  cache,  24GB  of  memory.  HP-UX*  I  li.  SAP  rev  4.6 
C.  Oracle9r  .  Best  RISC  result  of  420  from  www.sap.com/benchmark  on  AlphaServer  ES45  1000  MHz. 

3  Source:  www.spec.org  as  of  4/21/03:  Intel®  Itanium®  2  processors  result  on  HP  Server  rx5670,:  using  4  Intel® 
Itanium®  2  processors  1 .50  GHz  with  6MB  L3  cache.  24GB  memory.  HPrUX*  Power  4+  result  of  1988  on  pSeries' 
630  Model  6C4  using  4  Power  4::+  processors  1.45  GHz  with  8GB  cache  (off  chip).  32GB  memory.  AIX. 

4  Source:  Dell  Computer  for  Intel®  Itanium®  2  processor  6M  results  on  a  cluster  of  1 6  Dell  PowerEdge :  Servers, 
each  with  2  Intel®  Itanium®  2  processors  6M  at  1 .50  GHz,  4GB  RAM.  RedHat  Linux *  AS  2.1.  Source:  http://www- 
I. ibm.com/servers/eserver/pseries/hardware/system_perf.pdf  for  Best  RISC  result  of  l43.3GFLOPs  on  IBM  eServer 
p690  with  32  Power  4*+  processors  at  1 .70  GHz. 

5  Source:  www.tpc.org:  HP  Superdome  Server.  707.102  tpmC  at  $9  1 3/tpmC,  with  64  Intel®  Itanium®  2  processors, 
each  at  1.50  GHz  with  6MB  of  L3  cache,  running  Microsoft  Windows*  Server  2003.  Datacenter  Edition  and 
Microsoft  SQL  Server*  2000  Enterprise  Edition  64-bit.  with  5 1 2  GB  RAM.TPC-C  Availability  date:  Oct.  23.  2003. 

Best  RISC  using  HP  9000  Model  Superdome*  Enterprise  Server.  423.4 1 4tpmC,  $  1 5.64/tpmC.  with  sixty  four  (64)  HP 
PA-RISC  8700  processors  at  875  MHz.  running  HP-UX*  1 1  .i  64-bit.  Oracle9i:  Enterprise  Database  Server  9.2.0. 1 . 
2S6GB  RAM.  Available:  8/26/2002. 


ageable  IT  infrastructure  for  the  future.  With  the  Intel  Xeon 
processor  MP  and  Itanium  2-based  platforms.  Intel  and  its 
customers  gain  the  ability  to  scale  out  and  up — functionali¬ 
ty  that  delivers  the  business  benefits  detailed  above. 

To  provide  customers  with  the  computing  platforms  neces¬ 
sary  to  achieve  these  business  benefits,  Intel  poured  over 
$9.5  billion  into  R&D  and  manufacturing  innovation  in  fiscal 
year  2002.  Much  of  this  investment  went  to  enrich  the  Intel 
Xeon  processor  family  and  fuel  the  emergence  of  comple¬ 
mentary  Intel  Itanium  2  processors  (see  boxes,  p.  3  and  p.  4). 

THE  ROI  OF  ARCHITECTURE  INVESTMENT 

Intel's  R&D  investment  might  seem  counterintuitive  to  cost- 
conscious  IT  leaders,  but  industry  analysts  say  forward- 
thinking  companies  are  on  the  right  track  to  reap  business 
value  from  continued  investment  in  server  infrastructure. 
“Companies  under-invest  in  technology  at  their  peril — even 
in  lean  times,"  reports  worldwide  management  consultancy 
McKinsey  &  Co.“New  technology,  deployed  intelligently,  can 
help  organizations  make  dramatic  leaps  in  productivity  and 
redefine  competition  within  [entire]  sectors."  1 


Enterprise  architecture  expenditures  are  an  especially 
smart  investment  in  future  business  benefits,  says  Jeffrey 
Hewitt,  principal  analyst  with  Gartner  Inc. 


INTEL®  ITANIUM®  2  PROCESSOR 

Ideal  for  High-Performance  Applications 

Designed  for  the  most  demanding,  data-intensive 
enterprise  and  technical  applications.  Ideal  for  these 
critical  applications:  large  databases,  enterprise 
resource  planning  (ERP),  supply  chain  management 
(SCM),  business  intelligence  and  high-performance 
computing. 

»  64-bit,  with  support  for  32-bit 
»  For  databases  >4- 1 6  gigabytes  of  memory 
»  Key  databases,  tools,  and  enterprise  applications 
are  available  now,  with  others  ramping  dramatically 
throughout  2003 

>>  Choice  of  operating  systems,  including  Windows 
Server  2003,  HP-UX  and  Linux.  Optimized 
applications  suitable  for  manufacturing,  scientific, 
energy  and  financial  services  solutions 
For  more  information  on  Intel®  Itanium®  2 
processor-based  servers,  visit  www.intel.com/adlservers 


"As  worldwide  economies  begin  to  show  recovery,  server 
infrastructure  improvements  will  come  back  into  the  picture 
because  companies  seek  to  stay  competitive  and  upgrade 
aging  hardware  platforms,"  Hewitt  says.  The  server  market 
segment's  return  to  growth  will  be  fueled  primarily  by  Intel 
on  the  processor  front  and  by  Windows*  and  Linux*  from 
an  OS  perspective,  he  adds. 

These  market  trends  and  independent  analysis  point  to  a 
common  conclusion:  IT  leaders  must  meet  today’s  com¬ 
mon  business  challenges — and  tomorrow's — by  investing 
in  flexible,  scalable,  interoperable  technology  solutions.The 
unpleasant  alternative  is  to  risk  falling  behind  in  the  race  to 
generate  new  business  value  and  drive  innovation. 

POWERFUL  PLATFORMS  = 

PEAK  PERFORMANCE 

It  Isn’t  just  about  the  infrastructure.  Intel 

Xeon  processor  MP  and  Itanium  2  processor  computing 
engines  fuel  more  than  a  stronger,  increasingly  versatile  IT 
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foundation. They  also  enable  companies  to  gain  new  busi¬ 
ness  process  efficiencies,  streamlining  business  functions 
and  enhancing  employee  productivity. 

Business  leaders  realize  that  an  advanced  IT  infrastructure 
can  help  extend  their  competitive  advantages  in  key  areas 
and,  when  coupled  with  improved  processes  and  capabili¬ 
ties,  drive  innovation  and  new  opportunities. 

"As  anyone  on  the  Web  knows,  continuous  enhancement  is 
critical  to  attracting  visitors  and  staying  competitive,"  says 
Brian  Farrey,  president  of  TMP  Technologies,  a  division  of 
Monster  Worldwide,  which  manages  technology  resources 
for  its  parent  company  (host  of  Monstercom).  "The  [Intel 
architecture]  gives  us  more  options  and  much  faster  devel¬ 
opment  times  when  enhancing  our  site." 

Among  the  principal  business  benefits  enabled  by  Intel’s 


evolving  platforms: 

Improved  Online  Transaction  Processing  and 
CRM:  Intel  Xeon  processor  MP-based  platforms  are  ideal 
for  mid-tier  business  critical  applications,  helping  companies 
in  all  industries  streamline  business  processes.  Among  the 
business  results  enabled  by  Intel  Xeon  processor  MP- 
based  platforms:  improved  customer  relationship  manage¬ 
ment,  collaboration  and  business  intelligence. 

Maximized  Databases,  ERP,  SCM  and  High- 
Performance  Computing:  The  Intel  Itanium  2 
processor  is  uniquely  designed  for  the  most  demanding, 
data-intensive  enterprise  applications.  These  high  perform¬ 
ing  computing  engines  enable  businesses  to  deploy  their 
highest-end  enterprise  applications  (e.g.  large  databases 
and  business  intelligence)  on  cost-effective  Intel-based 
servers,  instead  of  those  based  on  RISC  architectures. 


Intel  in  Action: 

Powering  the 
Enterprise  at 
NASDAQ1 

Like  many  enterprises  in  financial  servic¬ 
es,  NASDAQ  has  banked  heavily  on — 
and  is  continuing  to  evolve  with — plat¬ 
forms  based  on  Intel®  processors  to 
keep  pace  with  soaring  transaction  vol¬ 
umes  driven  largely  by  increased 
demand  for  instant  information. 

The  company  has  also  recognized  the 
need  to  simplify  and  consolidate  its 
hardware  architecture  to  streamline 
development,  deployment  and  support, 
having  once  had  over  a  dozen  hardware 
architectures  in  house. 

Its  efforts  of  late  have  been  to  harness 
Intel®  Xeon™  processor  MP-based 
systems  to  run  the  database  engine  for 


three  emerging  market  data  applica¬ 
tions,  as  well  as  mission-critical  applica¬ 
tions  launched  and  repeatedly 
enhanced  over  time. 

“Intel  Xeon  processor  MP  and  the 
future  delivery  of  Intel®  Itanium® 
processor  family-based  systems  hold  the 
key  to  NASDAQ’s  long-term  business 
direction,”  says  Richard  Lind,  SVP,  techni¬ 
cal  operations  for  the  firm.  “They’ve  laid 
out  a  very  well-defined  roadmap  for 
driving  down  the  cost  of  their  proces¬ 
sor  technology  while  increasing  the 
functionality  it  provides.” 

As  a  result,  NASDAQ  will  migrate  to 
the  Intel  Itanium  processor  family  to 
power  the  core  of  SuperMontage*  a 
“matching”  engine  that  continually  builds 
an  internal  representation  of  all  buy  and 
sell  interests  in  a  marketplace,  and 
matches  quotes  and  orders  to  produce 
instant  execution  functionality. 


The  data  is  fed  into  the  three  market 
data  applications — DepthView*, 
PowerView*  and  TotalView* — that  are 
powered  by  Intel  Xeon  processors  MP 
and  were  taken  live  late  last  year. 
NASDAQ  uses  Intel  Xeon  processor 
MP-based  Dell  6650*  servers  running 
Windows  2000  for  the  application  suite, 
and  has  supercharged  the  database 
power  of  a  custom  application, 
Surveillance  Delivery  Real-time  (SDR), 
which  analyzes  market  transactions  and 
sends  alerts  to  analysts  for  review.  SDR 
handles  2,800  trades  and  1 ,400  quotes 
per  second. 

“We’re  very  impressed  with  the  per¬ 
formance  and  future  of  the  advanced 
Intel  platforms  and  see  them  as  the 
foundation  for  our  future  computing 
strategy,”  says  Lind. 

For  more  information  about  NASDAQ, 
visit  www.nasdaq.com 
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Itanium  2-based  servers  provide  faster  data  analysis  and 
high  availability  in  such  industries  as  finance,  manufacturing, 
energy  and  life  sciences. 

Enhanced  Business  Performance,  Reliability  Two 

new  Intel  products,  the  Intel®  Itanium®  2  processor  with 
6M  L3  cache,  and  the  Intel®  Xeon™  processor  MP  at 
2.80  GHz/2MB,  only  improve  upon  the  business  results 
detailed  above. 

With  core  frequency  doubled  to  1 ,50GHz  and  the  L3  cache 
doubled  to  6MB,  new  Itanium  2-based  platforms  are  the  ideal 
solution  for  compute-intensive,  high-end  enterprise  applica¬ 
tions.  With  production  software  available  today  from  Oracle, 
Microsoft  and  IBM,  businesses  can  now  deploy  back-end  data¬ 
bases  on  Itanium  2-based  servers.  Moreover  the  new  Itanium 
2  processor  with  6M  L3  cache  maintains  full  hardware  and 
software  compatibility  with  previous  Itanium  2-based  systems. 
Also,  all  Itanium  2  processors  today  offer  support  for  IA-32 


i 


UPPLEMENT 


applications;  a  new  technology  called  the  IA-32  Execution 
Layer  will  further  enhance  this  capability  in  2H  '03. 

Meanwhile,  the  new  Intel  Xeon  processor  MP  at  2.80 
GHz/2MB  cache  is  designed  to  increase  performance  lev¬ 
els  for  mid-tier  server  applications  that  demand  large 
amounts  of  cache  for  frequent  data  access  cycles.  These 
new  levels  of  speed  and  scalability  are  ideal  to  support 
robust  CRM  and  SCM  applications,  allowing  real-time 
access  to  information  or  fast  data  consolidation  and  analy¬ 
sis  to  support  immediate  opportunity  identification — to 
cross-sell  or  up-sell,  for  example — and  business  decisions. 

INDUSTRY  LEADERSHIP 

Intel's  industry  leadership  isn't  just  a  marketing  pitch;  it's  an 
operating  philosophy  to  ensure  that  technology  solutions 
address  real-world  business  challenges  facing  specific 
industries.  Intel  drives  and  jointly  develops  these  solutions 
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Intel  Alliance 
Profile:  Oracle1 

Product  support,  from  industry  heavy¬ 
weights  like  Oracle,  which  has  long  opti¬ 
mized  its  software  for  use  with  Intel 
processors,  has  already  contributed  to  the 
accelerating  adoption  of  Itanium  2-based 
servers.  Oracle9/*  Database  is  available 
now  for  use  with  HP-UX*,  Linux*  and 
Microsoft  Windows*  Server  2003  64-bit 
operating  systems. 

Oracle9i  Database  offers  industry-leading 
scalability  and  reliability  in  both  clustered 
and  single  system  configurations, 
whether  based  on  the  Intel  Itanium  2 
processor  or  Xeon  processor  MP.  It  pro¬ 
vides  comprehensive  features  for  OLTP 
and  business  intelligence,  and  delivers 
low  total  cost  of  ownership. 

Using  Oracle9i  Real  Application  Clusters, 
an  option  of  Oracle9i  Database,  running  on 


Itanium  2-based  servers,  businesses  can 
deploy  and  manage  Oracles  database  on  a 
cluster  of  several,  high-performance, 
Itanium  2-based  servers  as  easily  as  on  a 
single,  vertically  integrated  platform.This 
gives  companies  high  availability,  reliability 
and  scalability,  without  application  rewrites. 

The  Oracle-on-lntel  combination  has 
already  demonstrated  strong  success 
across  a  wide  array  of  customers  includ¬ 
ing  Dell,  Electronic  Arts, Texas  Tech 
University,  and  Louisiana's  Nineteenth 
Judicial  District  Court. 

KEY  BENEFITS  INCLUDE: 

Superior  price/performance — Intel 
Xeon  processor  MP-based  servers  clus¬ 
tered  using  Oracle9/  Real  Application 
Clusters  deliver  superior  price-perform¬ 
ance  over  non-clustered  RISC-based  sys¬ 
tems.  With  the  Oracle  database,  Itanium 
2-based  servers  deliver  additional  and 
affordable  power  for  the  largest  of  enter¬ 
prise  databases. 


Security — Oracle9/  Database  provides 
concrete  security  assurance,  the  only 
database  built  on  a  history  of  1 5  inde¬ 
pendent  security  evaluations. 

Low  Total  Cost  of  Ownership — Reduce 
operating  costs  by  consolidating  servers 
onto  an  Oracle9i  Database  cluster  and 
Intel  Xeon  processor  MP  or  Itanium  2- 
based  systems,  while  improving  perform¬ 
ance  and  scalability  and  also  gaining  the 
flexibility  offered  by  a  standards-based 
computing  platform. 

Latest  Technology  Advances — The 

development  teams  at  Oracle  and  Intel 
work  closely  together  to  guarantee  that 
Oracle9/  Database  is  optimized  for  both 
the  Intel  Xeon  processor  MP  and  Itanium 
2-based  servers. 


For  more  information  on  Oracle,  visit 
www.oracle.com/intel 


in  a  variety  of  ways.  Among  them: 

Alliances:  Intel  works  through  Original  Equipment 
Manufacturers  (OEMs),  independent  software  vendors 
(ISVs),  solution  providers  (SPs)  and  system  integrators 
(Sis)  to  enable  customers  to  have  a  range  of  choices 
among  complete,  optimized  solutions  for  their  server 
infrastructure.  Intel  and  this  solutions  community  offer 
ready-made  blueprints  that  help  build  successful  enter¬ 
prise  systems  and  stay  ahead  of  the  competition.  And 
Intel's  two  server  families  are  backed  by  a  groundswell  of 
operating  systems — Windows*,  Linux*  and  Unix* — hard¬ 
ware,  software  and  database  support.That  support  comes 
from  technology  leaders  such  as  BEA,  Dell,  HR  IBM, 
Microsoft,  Oracle,  Red  Hat,  SAR  SAS  and  Unisys  (see  "Intel 
Alliance  Profiles"  for  clear  examples  of  this  support). 

Services:  Customers  also  have  a  strong  resource  to 


develop  customized,  optimized  solutions  with  Intel® 
Solution  Services,  Intel's  in-house,  worldwide  professional 
services  organization.  At  several  Intel  Solution  Centers 
worldwide,  Intel  experts  design  and  test  high-performance 
customer  solutions  on  Intel-based  servers — such  as  run¬ 
ning  heavy  volumes  of  simultaneous  workloads  for  a  finan¬ 
cial  trading  solution — to  ensure  high  reliability  before 
deployment.  Customers  include  Virgin.com,  Procter  & 
Gamble,  Sony  Pictures  Imageworks,  Marriott,  Credit 
Suisse, T-Mobile  and  Sungard. 

Expertise:  Through  work  with  global  technology  leaders, 
international  standards  communities  and  technology  end 
users,  Intel  has  built  respected  expertise  in  guiding  solu¬ 
tions  development  to  deliver  real  business  value  that  com¬ 
panies  can  take  straight  to  the  bottom  line.  Intel’s  team  of 
professionals  with  direct  industry  expertise  work  with  the 
worldwide  technology  community  in  areas  like  financial 


Intel  in  Action: 

Successfully  Managing 
Rapid  Growth  at 
Monster.^ 

With  its  traffic  having  grown  30-fold  since 
1 999,  Monster  needed  a  powerful  infra¬ 
structure  that  could  keep  pace  with  its  glob¬ 
al  growth  and  increasingly  sophisticated  site 
features — while  keeping  a  lid  on  IT  costs. 

Monster  began  to  migrate  its  operations  to 
Dell  servers  powered  by  Intel®  architecture 
four  years  ago. Today,  330  servers,  primarily 
Intel®  Xeon™  processor  family-based  plat¬ 
forms  on  Microsoft  Windows*  2000,  run 
the  company’s  career  portal,  which  accom¬ 
modates  600  million  page  views  a  month 
and  sends  out  five  million  emails  a  day. 

Another  700  servers  handle  the  addition¬ 
al  Monster  Worldwide  products — 
FastWeb*,  Flipdog*  and  JobTrack* — IT 
and  back-end  systems. 


Thanks  to  the  cost-effectiveness  of  its 
Intel  architecture-based  server  infrastruc¬ 
ture,  Monster  spends  5  to  7  percent  of  its 
revenue  on  IT  infrastructure,  compared  to 
double-digit  figures  for  many  comparable 
Web  giants. Those  savings  have  helped 
Monster  maintain  20  straight  quarters  of 
profitability.  In  addition,  its  Intel  architec¬ 
ture-based  server  infrastructure  provides 
the  agiiity  to  roll  out  revenue-enhancing 
new  features  in  only  six  weeks. 

“Our  availability  is  pretty  close  to  100 
percent,”  says  Paul  Nielsen,  senior  vice- 
president  of  Monster’s  technology  service 
organization.  "If  we  have  a  problem  with  a 
box — which  is  almost  never  because  of 
the  hardware — we  have  redundancy  with¬ 
in  each  cluster  at  each  data  center,  and 
we  have  mirrored  data  centers. We  can 
also  pull  boxes  out  for  work  with  no 
impact  to  the  end  user.” 


and  the  future  direction  of  Intel’s  processor 
architecture,  having  recently  invested  an 
additional  $2  million  in  Intel  Xeon  proces¬ 
sor  family-based  servers,  and  has  plans  to 
evaluate  Itanium  2-based  platforms  as 
growth  of  the  site  continues  to  soar. 

But  just  how  does  Monster  know  that  the 
basic  cost  structure  and  TCO  of  servers 
based  on  advanced  Intel  processors  is  less 
than  that  of  rival  platforms?  Real-life 
experience  amassed  by  acquiring  several 
companies  with  servers  based  on  other 
processor  architectures. 

“With  these  acquisitions,  we’re  seeing  the 
numbers  in  terms  of  what  they  are  getting 
from  their  infrastructure  and  what  it  costs 
them,  which  is  one  of  the  reasons  we 
migrate  them  pretty  quickly  to  the  plat¬ 
form  we  have,"  replies  Farrey.  For  more 
information  on  Monster.com,  visit 
www.monster.com 


Monster  is  sold  on  the  savings,  performance 
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Intel  Alliance  Profile:  Microsoft 

Featuring  SQL  Server*  2000  Enterprise 
Editionf 

With  the  growing  complexity  and  competitive  nature  of 
business  computing  today,  companies  require  their  applica¬ 
tions  and  databases  to  process  and  analyze  massive  amounts 
of  data  in  a  fast  and  efficient  manner.  Microsoft  SQL  Server* 
2000  Enterprise  Edition  is  available  in  both  32-bit  (for  Intel 
Xeon  processor  MP)  and  now  64-bit  (for  Itanium  2-based 
platforms)  versions,  both  of  which  are  designed  to  help 
firms  scale  as  their  global  users  continue  to  grow. 

SQL  Server  2000  Enterprise  Edition  64-bit  on  Itanium  2- 
based  platforms  opens  a  new  chapter  in  high-end  data¬ 
base  computing  at  lower  costs  than  Unix-based  systems 
available  today.  Microsoft’s  commitment  to  Itanium  archi¬ 
tecture  expands  the  scalability  options  for  memory¬ 
intensive  data  applications  such  as  large-scale  e-com¬ 
merce,  data  warehousing  and  analytics. 

Best  Performance  and  Price/Performance3:  SQL  Server 
2000  64-bit  delivers  the  fastest  performance  in  non-clus- 
tered  computing  at  707,102  transactions  per  minute  on 
the  Itanium  2-based  platform.  It  also  delivers  the  best 
performance  and  price/performance  for  business-critical 
solutions  on  a  4-way  Itanium  2-based  server.  Harnessing 
Itanium  2-based  servers  that  support  up  to  512  giga¬ 
bytes  of  RAM,  SQL  Server  2000  Enterprise  Edition  takes 
advantage  of  the  advanced  memory  addressing  capability 
to  support  rapid  growth  in  mission-critical  applications. 

Easy  Migration  and  Fast  Deployment:  Customer  databas¬ 
es  can  be  easily  migrated  from  32-bit  to  64-bit,  maintain¬ 
ing  100  percent  T-SQL  compatibility.  No  changes  are 
required  in  client  applications,  which  makes  the  job  of 
database  administrators  and  developers  easier  when 
deploying  a  64-bit  database  into  their  server  farm. 

And  with  the  ability  to  install  up  to  16  database  engine 
instances  on  a  single  server,  Microsoft  offers  the  best 
economics  of  managing  multiple  types  of  high-end  appli¬ 
cations.  With  this  package,  companies  realize  these  bene¬ 
fits  while  continuing  to  enjoy  the  familiar  database  envi¬ 
ronment,  data  access  and  formats  to  which  they  have 
grown  accustomed.  For  additional  information  on 
Microsoft,  visit:www.microsoft.com/sql 


services,  manufacturing,  retail,  government  and  commu- 
nications.This  is  done  to  ensure  that  Intel's  technology  is 
put  to  work  delivering  strong  ROI,  lower  TCO,  and 
meeting  specialized  industry  needs. 

McKinsey  &  Co.  recently  singled  out  Intel  for  its  success 
in  delivering  solid  business  results.  “Intel  has  concentrat¬ 
ed  on  new,  higher-value  goods,  thereby  generating 
extraordinary  productivity  advances  as  microprocessors 
and  memory  chips  become  exponentially  more  power¬ 
ful  though  not  exponentially  more  expensive."  3 

And,  as  shown  in  customer  case  studies  such  as  JetBlue, 
Intel's  powerful  products,  solutions  and  expertise  are 
driving  dramatic  new  business  solutions — and  value — 
across  several  key  industries. 

By  taking  JetBlue’s  lead — by  making  smart  investments  in 
enterprise  architecture — well-established  industry  leaders 
find  that  they,  too,  can  deploy  critical  business  applications 
that  can  be  described  just  like  the  upstart  start-up's. 

Efficient,  economical  and  reliable. 

For  more  information  on  Intel®  Xeon™  processor  MP  and 
Intel®  Itanium®  2  processor-based  servers  and  educational 
opportunities,  visit  www.intel.com/ad/servers. 

Performance  tests  and  ratings  are  measured  using  specific  computer  systems  and/or  compo¬ 
nents  and  reflect  the  approximate  performance  of  Intel  products  as  measured  by  those  tests. 
Any  difference  in  system  hardware  or  software  design  or  configuration  may  affect  actual  per¬ 
formance.  Buyers  should  consult  other  sources  of  information  to  evaluate  the  performance  of 
systems  or  components  they  are  considering  purchasing.  For  more  information  on  perform¬ 
ance  tests  and  on  the  performance  of  Intel  products,  visit  http://www.mtel.com/performance 
/resources/limits.htm. 

The  Intel  Xeon  processor  MP  and  the  Intel  Itanium  2  processor  may  contain  design  defects  or  errors 
known  as  errata,  which  may  cause  the  products  to  deviate  from  published  specifications.  Such  erra¬ 
ta  are  not  covered  by  Intel's  warranty.  Current  charactenzed  errata  are  available  on  request 

Information  in  this  document  is  provided  in  connection  with  Intel®  products.  No  license, 
express  or  implied,  by  estoppel  or  otherwise,  to  any  intellectual  property  rights  is  granted  by 
this  document.  Except  as  provided  in  Intel's  Terms  and  Conditions  of  Sale  for  such  products, 
Intel  assumes  no  liability  whatsoever,  AND  INTEL  DISCLAIMS  ANY  EXPRESS  OR  IMPLIED 
WARRANTY.  RELATING  TO  SALE  AND/OR  USE  OF  IN^EL®  PRODUCTS  INCLUDING 
LIABILITY  OR  WARRANTIES  RELATING  TO  FITNESS  FOR  A  PARTICULAR  PURPOSE. 
MERCHANTABILITY,  OR  INFRINGEMENT  OF  ANY  PATENT,  COPYRIGHT  OR  OTHER 
INTELLECTUAL  PROPERTY  RIGHT.  Intel  products  are  not  intended  for  use  in  medical,  life 
saving,  or  life  sustaining  applications.  Intel  may  make  changes  to  specifications  and  product 
descriptions  at  any  time,  without  notice. 

Copyright  ©  2003  Intel  Corporation.  All  rights  reserved.  Intel,  the  Intel  logo.  Intel  Xeon. 
Itanium  and  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  sub¬ 
sidiaries  in  the  United  States  and  other  countries. 

•Other  names  and  brands  may  be  claimed  as  the  property  of  others. 

1 2  The  McKinsey  Quarterly  Newsletter,  May  6,  2003. 

'  Source:  http://www.tpc.org/  As  of  May  20.  2003:  HP  Superdome*.  707.102  tpmC. 
$9. 1 30/tpmC.  with  64  Intel  Itanium  2  processors  at  1.5  GHz.  each  with  6MB  iL3  cache,  run¬ 
ning  Microsoft  Windows*  Server  2003,  Datacenter  Edition  and  Microsoft  SQL  Server*  2000 
Enterprise  Edition  64-bit.  with  256  GB  RAM;  available  10-23-2003 

f  Results  and  information  are  reported  by  end-user  or  vendor  and  not  verified  by  Intel.  Results 
may  not  be  representative  and  may  vary.  Buyers  should  consult  other  sources  of  information 
to  evaluate  the  performance  of  systems  or  components  they  are  considering  purchasing. 

inl^l. 
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Takes 

■  NetPro  has  launched  a  new  ver¬ 
sion  of  its  Novell  eDirectory  moni¬ 
toring  and  alerting  software.  DS 
Expert  4.0  now  supports  eDirec¬ 
tory  management  on  Windows  and 
Solaris  networks  and  can  be  man¬ 
aged  with  Microsoft  Operations 
Manager  Management  Pack.  Several 
alerts  also  have  been  added,  includ¬ 
ing  one  for  Novell's  metadirectory 
product,  DirXML.The  software 
works  with  NetWare  4,  5  and  6.  DS 
Expert  costs  $12  per  user  for  100  to 
1,000  users. 

■  Storage  Technology  enhanced  its 
mainframe  virtual  tape  last  week  by 
increasing  capacity  and  performance. 

Virtual  Storage  Manager  4  is 

hardware  that  emulates  a  tape  drive 
and  backs  up  mainframe  data  to  disk 
arrays.  It  supports  multiple  Storage- 
Tek  tape  drives  and  libraries.  The  new 
version  has  four  times  the  capacity  of 
previous  versions  and,  Storagetek 
claims,  improved  performance  and 
connectivity.  VSM  4  supports  256  vir¬ 
tual  tape  drives,  four  times  the  capac¬ 
ity  of  VSM  3  and  twice  the  number  of 
real  tape  drives.  It  has  a  15  terabyte 
capacity  and  as  many  as  32  Enter¬ 
prise  Systems  Connection  interfaces 
to  peripherals.  Native  Fibre  Connec¬ 
tion  is  supported  for  the  attachment 
of  Fibre  Channel  devices.  It  also  has  a 
new  Web-based  GUI  and,  via  the  use 
of  disk  buffering,  increased  disk 
access.  VSM  4  is  available  worldwide, 
starting  at  $400,000. 

■  SuSE  Linux  said  last  week  it 
would  ship  its  Linux-based 

Standard  Server  8  software 
worldwide  in  September.  The 
German  software  vendor,  a  founding 
member  of  the  UnitedLinux  distribu¬ 
tor  consortium,  said  Standard 
Server  8  software  is  designed  for 
small  and  midsize  companies.  The 
software  will  be  available  for  32-bit 
processors  (x86)  from  Advanced 
Micro  Devices  and  Intel.  It  will  sup¬ 
port  up  to  two  CPUs.  The  package, 
which  includes  installation  and  sys¬ 
tem  support,  will  cost  $509. 
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Deutsche  Bank  gives  remote  users  a  choice 


SSL  VPN-plus 


Deutsche  Bank  uses  scanning  software  from  WholeSecurity  to 
supplement  its  Neoteris  SSL-based  VPN  for  secure  remote  access. 


Intranet  access 
request 


H ISlX) — 


Firewall 


ActiveX  or 
Netscape  plug-in 


Neoteris  Access 
5000  VPN 
Gateway 

Deutsche  Bank  hub 


WholeSecurity 
Confidence 
Online  Server 


■  BY  ELLEN  MESSMER 

At  Deutsche  Bank,  there’s  no  one- 
size-fits-all  policy  for  VPNs. 
The  bank,  which  ranks  as  the 
20th  largest  in  the  world  based  on 
market  value,  has  used  an  IP  Security 
(IPSec)-based  VPN  since  September 
2001  so  that  more  than  25,000  em¬ 
ployees  and  business  partners  could 
securely  access  its  global  intranet.  But 
six  months  ago  the  bank  began  offer¬ 
ing  an  alternative  VPN  that’s  based  on 
Secure  Sockets  Layer  (SSL). 

Deutsche  Bank  added  this  second 
type  of  VPN  the  SSL-based  offering 
mainly  because,  unlike  IPSec,it  relies 
on  Web  Browsers  and  doesn’t  re¬ 
quire  client-based  installations,  mak¬ 
ing  it  is  easier  and  less  expensive  to 
roll  out.  “Most  of  our  money  is  spent 
See  Deutsche  Bank,  page  16 


O  An  end  user  types  in  a  URL  to  get  to  Deutsche 
Bank’s  intranet  by  way  of  a  Neoteris  VPN  gateway. 
The  end  user  employs  an  RSA  SecurlD  token  to 
generate  a  dynamic  password  to  authenticate 
with  the  bank’s  system. 


©  The  Neoteris  box  instructs  a  server  running 
WholeSecurity’s  Confidence  Online  software  to  upload 
an  ActiveX  or  Netscape  plug-in  to  the  end  user’s 
device  to  scan  for  dangerous  Trojans  or  key  loggers 
before  allowing  access  to  the  intranet. 


Netgear  releases  managed  Layer  3  box 


■  BY  PHIL  HOCHMUTH 

Home  network  vendor  Netgear  last  week 
released  a  box  aimed  more  at  the  corpo¬ 
rate  set  —  a  triple-speed  (10/100/1000M 
bit/sec)  LAN  edge  switch  that  also  can  act 
as  a  hardware-based  router. 

The  GSM7324  could  help  small  compa¬ 
nies  implement  hardware-based  routing 
in  their  wiring  closet  switches,  which 
could  speed  traffic  among  nodes  on  dif¬ 
ferent  subnets  or  virtual  LANs.  And  with 
an  inexpensive  price  per  port,  the  box 
could  help  companies  with  smaller  net¬ 
works  deploy  a  mix  of  10/1 00/ 1 000M 
nodes,  such  as  servers  and  high-powered 
workstations. 

The  GSM  7324  is  a  Layer  3  switch  with  24 
10/100/1000M  bit/sec  Ethernet  ports.  The 
managed  box  supports  SNMP  and  will 
include  four  fiber  Gigabit  port  insert  slots 
for  adding  uplink  connections. 

In  addition  to  hardware-based  Layer  3 
packet  forwarding,  the  switch  will  support 
advanced  routing  protocols  such  as 
Router  Information  Protocol  Versions  1 


and  2,  and  Open  Shortest  Path  First  proto¬ 
col,  to  route  quickly  around  broken  or 
clogged  LAN  uplinks.  Virtual  Router  Re¬ 
dundancy  Protocol,  which  lets  users  set 
up  two  switches  in  a  hot-standby  configu¬ 
ration,  also  is  supported. 


The  switch  will  compete  with  products 
from  several  small-  to  midsize-business 
(SMB)  network  vendors  such  as  3Com’s 
SuperStack  and  Dell’s  FbwerConnect  pro¬ 
ducts,  and  fixed-configuration  Layer  3 
boxes  from  Cisco  (Catalyst  3550  and 
3750),  Extreme  Networks  (Summit  200) 
and  Nortel  (BayStack  5000  series). 

Netgear  held  9%  of  the  worldwide  Ether¬ 
net  port  shipments  in  2002  (selling  more 
ports  than  Extreme,  Foundry  Networks 
and  Nortel  combined,  according  to  Gart¬ 


ner).  But  it  only  played  in  the  basic  Layer 
2  switch  market,  with  its  customer  base 
consisting  largely  of  small  businesses  and 
home  network  buyers. 

With  its  new  switch,  observers  say  the 
Nortel  spinoff  is  counting  on  more  de¬ 


mand  for  advanced  features  —  such  as 
hardware-based  routing  and  Gigabit  — 
from  sophisticated  SMB  customers.  The 
move  also  could  help  it  fend  off  Dell, 
which  is  focusing  on  the  same  SMB  mar¬ 
ket,  but  does  not  offer  a  full  Layer  3  box. 

Netgear  also  is  using  price  to  attract  buy¬ 
ers.  At  $135  per  port,  the  GSM7324  costs 
about  one-fifth  as  much  as  the  average 
Gigabit  Ethernet  port. 

The  GSM7324  costs  $3,400  and  comes 
with  a  five-year  warranty  ■ 
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Twenty-six  cubed,  that’s  26  times  26 
times  26,  equals  17,576.  Remember 
that. 

A  couple  of  weeks  ago,  Microsoft  intro¬ 
duced  the  latest  incarnation  of  its  metadi¬ 
rectory  services  product  (formerly  called 
Microsoft  MetaDirectory  Services),  which 
it  purchased  in  1999  when  it  acquired 
Zoomit  Technology  and  its  VIA  metadirec¬ 
tory  service.This  is  the  first  significant  revi¬ 
sion  of  that  technology  (although  the  sec¬ 
ond  major  release), and  the  tea  leaves  can 
be  read  two  vastly  different  ways. 

The  first  way  says  that  Microsoft  finally  is 
taking  identity  management  seriously 
after  years  of  neglect.  Besides  the  release 
of  the  metadirectory  service,  there’s  also 
its  timing,  coinciding  as  it  did  with  Burton 


Group’s  Catalyst  Conference  last  week  in 
San  Francisco.  Catalyst  is  the  oldest  and 
largest  gathering  of  identity  management 
vendors  and  professionals,  and  it’s 
increasingly  gaining  importance  as  a 
venue  for  introducing  new  products  and 
services.  A  number  of  industry  veteran 
vendors,  including  Oblix  and  Business 
Layers  (the  pioneers  of  electronic  provi¬ 
sioning),  were  quick  to  announce  new 
products  and  services  supporting  Micro¬ 
soft’s  initiative. 

On  the  other  hand.it  has  taken  Microsoft 
almost  four  years  to  develop  a  metadirec¬ 
tory  product  that’s  fully  integrated  with 
Active  Directory.  In  the  intervening  years, 
Microsoft  also  has  developed  Passport 
and  the  ill-fated  Hailstorm  (later  .Net 
MYServices)  intiative  in  the  area  of  ident¬ 
ity  management.  The  Redmondites  are 
still  too  often  merely  bit  players  (when 
they’re  playing  at  all)  in  standards  bodies 
working  within  the  identity  space  on 
authentication  and  authorization. 

With  anyone  else,  I’d  conclude  that  this 


release  was  too  little  and  far  too  late,  but 
this  is  Microsoft  we’re  talking  about.  The 
beast  that  even  the  800-pound  gorillas 
stop  and  listen  to. The  new  service  will  be 
deployed  and  will  be  accounted  for  in 
future  open  standard  specification.  And 
fortunately,  there’s  nothing  in  this  new 
release  that  breaks  any  existing  standards 
—  which  could  be  another  clue  that 
Microsoft  is  simply  “going  through  the 
motions.” 

But  an  even  bigger  clue  is  the  name  of 
the  new  service.  Given  that  a  three-letter 
abbreviation  has  17,576  possible  combi¬ 
nations  (see  math  in  first  paragraph), 
and  given  that  IIS  for  years  has  been  the 
way  everyone  refers  to  Microsoft’s  Web 
server  product  (officially  Microsoft 
Internet  Information  Server)  —  why 
would  anyone  think  it  was  a  good  idea 
to  call  the  revamped  product  the  Micro¬ 
soft  Identity  Integration  Server?  Red¬ 
mond  wants  it  to  be  known  as  “MIIS.”  I 
doubt  it  will  be  known  as  very  much  of 
anything  at  all. 


Kearns ,  a  former  network  administrator, 
is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@  vquill.com. 


Tip  of  the  Week 


A  lot  more  happened  at  the 

Catalyst  Conference, 

some  of  it  quite  interesting 
(such  as  an  interoperability 
demo  by  the  various  ePro- 
visioning  vendors).  Check 
www.nwfusion.com,  Doc- 
Finder  6736,  to  see  my  notes 
posted  as  events  were  hap¬ 
pening,  and  then  follow  up 
with  Network  World  Fusion’s 
newsletter  on  Identity 
Management  (DocFinder: 
6737)  for  all  the  details. 


Neoteris  launches 
conferencing  appliance 


■  BY  TIM  GREENE 

Neoteris  is  adding  an  Internet-confer¬ 
encing  appliance  to  its  line  of  Secure 
Sockets  Layer  remote-access  gear,  which 
makes  it  possible  to  collaborate  with  oth¬ 
ers  that  use  Internet-connected  comput¬ 
ers  equipped  with  Web  browsers. 

Called  Meeting  Series,  the  new  family  of 
devices  sits  behind  the  firewall  at  a  cor¬ 
porate  central  site  and  coordinates  ses¬ 
sions  among  remote  users  that  need  to 
connect  with  each  other  and  share  net- 
work-based  applications  and  files. 

Because  the  device  proxies  sessions 
among  the  remote  users  and  the  network 
resources,  there  is  no  network-layer  con¬ 
nection  among  the  machines  involved, 
helping  to  protect  the  host  servers  from 
attack.  Because  sessions  between  the 
Meeting  appliance  and  the  remote  users 
are  based  on  SSL,  they  are  encrypted  to 
protect  them  from  being  compromised. 

The  remote  PCs  are  connected  to  the 
Internet  and  join  meetings  by  authenticat¬ 
ing  to  the  Neoteris  box  via  Web  browser,  a 
feature  that  is  attractive  to  Lancaster  Gen¬ 
eral  Hospital  in  Lancaster,  Pa.,  which  is 
beta-testing  the  gear. 

Using  the  device  will  let  doctors  who 
now  drive  to  a  common  site  for  consul¬ 
tations  do  so  over  the  Internet,  saving 
time,  says  Terry  Grogan,  director  of  oper¬ 
ations  and  technical  services  at  the 
hospital. 

Some  consultations  must  be  made  as 
part  of  regulatory’  requirements,  and  the 
Neoteris  gear  can  provide  a  log  record  of 


who  attended  and,  if  necessary  a  copy  of 
data  shared  and  conversations  on  the 
call.“You  could  do  your  meeting  and  have 
a  log  to  say  you  did,”  Grogan  says. 

The  gear  also  provides  an  alternative 
to  Webex  and  other  Internet-based  ser¬ 
vices  that  let  users  relinquish  control  of 
their  machines  as  part  of  joining  meet¬ 
ings.  Currently  some  network  vendors 
use  Webex  to  troubleshoot  problems, 
but  Grogan  would  like  better  control 
over  them.  She  is  worried  that  in  the 
process  of  troubleshooting,  vendors 
could  create  more  problems  than 
they  solve. 

Using  Neoteris  gear  and  scheduling  the 
collaboration  sessions  will  tip  her  off  that 
the  sessions  are  taking  place  and  give  her 
the  tools  to  find  out  what  changes  were 
made  during  the  session. 

Neoteris  is  the  first  to  offer  conferencing 
among  its  SSL  remote-access  competitors 
that  include  Aspelle,  Aventail,  uRoam 
and  Whale. 

llie  conferencing  capability  is  accom¬ 
plished  by  adding  software  on  top  of  its 
SSL  remote-access  software  called  Instant 
Virtual  Extranet  (IVE). 

Current  Neoteris  IVE  appliances  can 
be  upgraded  with  Meeting  Series  soft¬ 
ware,  but  new  Meeting  Series  appliances 
cannot  be  loaded  with  Access  Series 
software. 

The  software  upgrade  costs  $5,000  and 
is  available  now.  A  10-user  appliance  costs 
$2,000,  and  a  100-user  appliance  costs 
$12,000.  The  appliances  is  scheduled  to 
ship  in  the  fourth  quarter.  ■ 
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Deutsche  Bank 

continued  from  page  15 


distributing  software  and  configuring 
clients  in  general,”  says  George  Young, 
director  of  worldwide  remote  access  at 
Deutsche  Bank,  who  declined  to  get 
into  budget  specifics. 

Both  the  SSL-based  VPN  (based  on  the 
Neoteris  Access  5000  appliance)  and 
IPSec-based  VPN  (based  on  Nortel  gear) 
will  be  used  at  Deutsche  Bank  for  the 
foreseeable  future,  he  says.  After  all,  not 
all  applications  the  bank  uses  are  Web- 
accessible,  which  means  the  IPSec 
client  is  needed  to  reach  these  pro¬ 
grams.  And  some  employees  and  busi¬ 
ness  partners  benefit  by  having  the 
choice,  using  the  SSL-based  VPN  from 
any  Web-enabled  computer  while  on 
the  road,  for  instance. 

About  one-third  of  Deutsche  Bank’s 
78,000  employees  are  allowed  to 
access  the  intranet  remotely  and  their 
use  of  the  browser-based  VPN  now 
accounts  for  20%  of  all  remote  access 
to  the  financial  giant’s  global  intranet. 
Deutsche  Bank  maintains  Neoteris  and 
Nortel  VPN  gear  at  primary  hub  loca¬ 
tions,  including  London,  New  York  and 
Tokyo. 

Young  says  he  doesn’t  perceive  IPSec- 
and  SSL-based  VPNs  to  be  similar 
enough  to  warrant  many  direct  compar¬ 
isons,  although  he  says  encrypting  at  the 
network  layer,  as  IPSec  does,  might  be 
inherently  stronger  than  relying  on 
application-layer  SSL  encryption. 

He  says  he  has  concerns  that  SSL- 
based  VPNs  might  be  more  vulnerable 


to  sneaky  Trojans  and  keystroke  loggers, 
so  he  has  arranged  to  take  an  extra  pre¬ 
caution:  scanning  desktops  or  hand¬ 
held  devices  during  the  actual  SSL 
remote-access  procedure  to  look  for 
dangerous  malware.  If  any  is  detected, 
the  user’s  entry  is  denied  until  the  prob¬ 
lem  is  solved. 

“We’re  scanning  for  Trojans  because 
they  can  take  over  a  session  and  cap¬ 
ture  data  if  the  client  machine  is  in¬ 
fected,”  says  Young,  noting  that  Trojans 
often  are  planted  on  desktops  by  com¬ 
puter  viruses  for  this  purpose.  “The 
users  know  their  machine  is  being 
scanned  because  we  have  a  pop 
screen  that  tells  them.” 

Remote  scanning,  which  takes  just  sec¬ 
onds,  is  done  every  time  a  user  seeks 
access  to  the  intranet  during  an  SSL  VPN 
session.  The  user  enters  a  designated 
URL  and  a  password  to  gain  authoriza¬ 
tion  via  the  Neoteris  appliance. 

Deutsche  Bank  prefers  one-time 
passwords  rather  than  reusable  pass¬ 
words,  which  are  more  easily  compro¬ 
mised.  As  a  result,  the  bank  has  distrib¬ 
uted  an  RSA  Security  SecurlD  token  to 
every  employee  and  business  partner 
so  they  can  generate  unique  pass¬ 
words  dynamically. 

The  Neoteris  appliances,  which  sell  for 
about  $40,000,  don’t  perform  the  remote 
scanning.  Rather,  once  the  password 
authentication  process  is  complete, 
scanning  is  handled  by  a  server  running 
Confidence  Online  software  from  start¬ 
up  WholeSecurity  Confidence  Online 
issues  an  ActiveX  or  Netscape  plug-in  to 
any  computer  remotely  accessing  the 
network  for  the  first  time  and  then  can 
scan  every  time  access  is  initiated.  ■ 
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VoIP  for  the  smaller  site. 


Computers 


Following  the  successful  launch  of  the  MX 1200,  the 
world’s  first  Enterprise  Media  Exchange,  Zultys  now 
announces  the  introduction  of  the  MX250.  Whilst 
retaining  all  the  features  that  have  already  gained 
wide  acceptance,  the  MX250  adds  specific 
functionality  for  smaller  enterprises  or  branch  offices. 

With  configurations  starting  at  5  users,  the  MX250 
can  expand  to  250  users  without  requiring  any 
additional  hardware.  Affordable  ana  easy  to  deploy, 
the  MX250  integrates  multimedia  communications 
into  a  compact  system. 


The  MX250  is  100%  based  on  open  standards, 
powered  by  Linux,  SIP,  VoiceXML,  and  TAPI.  This 
guarantees  flexibility  and  inter-operability  within 
your  network.  You  can  make  calls,  access  voice  mail, 
access  fax  mail,  determine  presence,  and  send  instant 
messages,  all  from  a  single  graphical  interface. 


To  learn  how  the  MX250  can  address  your 
communications  needs  and  enhance  the  productivity 
of  your  business,  call  us  or  access  our  weh  site. 
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Zultys  Technologies,  the  Zultys  logo,  the  Zultys  mark.  MX1200  and  MX250  are  trademarks  of 
Zultys  Technologies.  All  other  trademarks  used  herein  are  the  property  of  their  respective  owners 
02003  Zultys  Technologies  All  rights  reserved. 


ZULTYS 


http://nw.mx250.com 


Zultys  Technologies 

771  Vaqueros  Avenue 
Sunnyvale,  CA  94085 
USA 

Tel: +1-408-328-0450 
Fax:+1-408-328-0451 
Email:  zultys@zultys.com 


Take  Our  Risk-Free  30-Day  Covad  T1  Challenge 


OVERPAYING  FOR  T1  ACCESS? 


NOW  GET  THE  BEST  FOR  HUNDREDS  LESS. 


We  just  lowered  our  prices  and  waived  our  installation 
fees.  And  that’s  for  the  same  premium  performance  and 
specialized  service  that  has  made  us  the  fastest-growing 
T1  data  provider  in  the  nation.  Still,  we  don’t  expect  you  to 
be  convinced  overnight.  That’s  why  we’re  giving  you 
30  days  of  no-risk  trial. 


-3* 


CALL  1-800-555-0456 

Try  our  T1  for  one  month  and  we’ll  pay  for  installation. 
If  you’re  not  completely  satisfied,  we’ll  refund  your 
monthly  fee  and  equipment  cost. 


www. covad.com/  tlchallenge 


WHY  SWITCH  TO  COVAD  DATAT1? 

•  Service  Level  Guarantees  •  4-hour  mean  time  to  repair  •  Guaranteed  99.99% 
monthly  uptime  •  Right-sized  pricing  when  we  lower  T1  fees  in  the  future 

•  Specialized  T1  Service  Team  available  live  24x7  •  Tl-dedicated,  toll-free  hotline 
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Takes 

■  Sun  plans  to  announce  the  first 
beta  of  its  Project  Orion  software 
package  this  month  or  early  next 
month,  with  the  final  product  sched¬ 
uled  to  ship  before  year-end,  a  source 
close  to  Sun  said  last  week.  Project 
Orion  is  the  code  name  for  Sun's 
plan  to  bundle  its  various  software 
products  with  its  Solaris  operating 
system.  The  package  will  include  all 
of  Sun's  infrastructure  products  such 
as  the  Sun  ONE  (Open  Net  Environ¬ 
ment)  Web  Server,  Application  Server 
and  server  management  products. 
IBM  and  Microsoft  offer  competing 
packages.  With  Project  Orion,  Sun 
will  ship  all  of  its  key  software  prod¬ 
ucts  packaged  in  synchronized  quar¬ 
terly  releases,  relieving  customers  of 
the  hassle  of  dealing  with  many  appli¬ 
cations  and  their  update  schedules 
and  licensing  schemes.  Analysts  say 
Sun  is  looking  at  aggressive  per- 
employee  pricing  of  between  $100 
and  $200  for  the  bundle.  A  source 
close  to  Sun  indicated  that  the  ven¬ 
dor  could  offer  different  product  and 
license  structures  for  different  uses, 
such  as  for  data  center  and  develop¬ 
ment  environments. 

■  Keynote  Systems  last  week 
announced  two  additions  to  the  com¬ 
pany’s  portfolio  of  Web  transact  ion - 
monitoring  and  performance-mea¬ 
suring  services:  Transaction  Per¬ 
spective  5.0,  and  Red  Alert 
Performance  Tracker. 

Transaction  Perspective  5.0  is  an 
outsourced  service  to  help  compa¬ 
nies  measure  performance  of  their 
Web  sites  from  an  end-user  perspec¬ 
tive.  The  service  features  a  Web 
transaction  script  recorder  that  pro¬ 
vides  a  single-user  interface  for 
recording  the  individual  pages  of  a 
transaction.  The  other  service,  RAPT, 
monitors  transaction  performance  at 
frequent  intervals  from  multiple  cities 
worldwide  and  offers  near  real-time 
trouble  alerting  when  problems 
occur.  Transaction  Perspective  5.0 
costs  about  $1,300  per  month  and 
will  be  available  this  week.  RAPT 
starts  at  $50  per  month  for  monitor¬ 
ing  a  single  page  from  four  cities. 


IBM,  Microsoft  debut  Web  specs 


■  BY  JOHN  FONTANA 

SAN  FRANCISCO  —  IBM  and  Microsoft 
last  week  published  the  fifth  of  an  eventual 
seven  specifications  that  will  work  in  uni¬ 
son  to  help  corporations  deploy  secure 
and  interoperable  Web  services. 

The  new  WS-Federation  specification  is 
designed  to  standardize  the  way  compa¬ 
nies  share  user  and  machine  identities 
among  disparate  authentication  and  au¬ 
thorization  systems  spread  across  corpo¬ 
rate  boundaries.  RSA  Security  BEA  Systems 
and  VeriSign  helped  the  two  vendors  devel¬ 
op  the  specification. 

WS-Federation  is  the  latest  milestone  in  a 
road  map  IBM  and  Microsoft  unveiled  in 
April  2002  that  introduced  WS-Security  as  a 
foundation  security  protocol  and  six  sup¬ 
porting  protocols  for  building  a  Web  ser¬ 
vices  security  framework.The  two  vendors, 
along  with  15  partners,  submitted  WS-Se- 
curity  to  the  Organization  for  the  Advance¬ 
ment  of  Structured  Information  Standards 
(OASIS)  in  September  2002.  They  have 
since  published  other  specifications  called 
for  in  the  road  map,  including,  WS-Policy 
WS-Trust  and  WS-SecureConversation. 

WS-Federation  is  described  in  the  road 
map.The  last  two  specifications, WS-Privacy 
and  WS-Authorization,are  due  by  year-end, 
according  to  IBM  officials. 

WS-Federation  has  three  functional  parts, 
including  the  Web  Services  Federation  Lan¬ 
guage,  which  defines  how  different  security 
realms  broker  identities,  user  attributes  and 
authentication  between  Web  services.  The 
specification  also  includes  Passive  Re¬ 
questor  Profile,  which  describes  how  feder¬ 
ation  helps  provide  identity  services  to 
Web  browsers,  Web-enabled  cell  phones 
and  devices;  and  Active  Requestor  Profile, 
which  does  the  same  for  applications 
based  on  Simple  Object  Access  Protocol 
and  other  smart  clients. 

“These  specifications  spell  out  how  com¬ 
panies  with  different  security  solutions  and 
different  trust  domains  can  successfully 
interoperate,”  says  Karla  Norsworthy,  direc¬ 
tor  of  dynamic  e-business  technologies  for 
IBM.  “They  allow  individual  companies  to 
integrate  business  processes  without  re¬ 
quiring  them  to  convert  to  common  secu¬ 
rity  solutions  or  implement  elaborate 
administrative  solutions.” 

IBM  and  Microsoft  presented  an  interop¬ 
erability  demonstration  last  week  using 
WS-Federation  at  Burton  Groups  Catalyst 
Conference  in  San  Francisco.  The  demon¬ 
stration  knitted  together  an  IBM  identity 
platform,  including  IBM’s  Tivoli  Access 


Manager,  IBM  Directory  Server  and  IBM 
WebSphere  Portal  (all  running  on  Linux) 
with  a  Microsoft-centric  identity  platform, 
including  Active  Directory,  BizTalk  Server 
and  .Net  Framework. 

“We  also  will  show  how  identity  systems 
can  be  federated  in  a  reliable  wajf  says 
Arvind  Krishna,  vice  president  of  security 
products  for  IBM. 

WS-Federation  is  available  on  IBM’s 
developerWorks  Web  site.  IBM  and  Micro¬ 
soft  hope  to  collect  feedback  from  end 
users  and  independent  software  develop¬ 
ers  before  eventually  submitting  the  proto¬ 
col  to  a  standards  body  The  two  compa¬ 
nies  said  the  process  would  follow  a  path 
similar  to  WS-Security’s,  which  went  from 


published  specification  to  OASIS  submis¬ 
sion  in  five  months. 

IBM  says  the  WS-Security  specifications, 
including  WS-Federation,  are  beginning  to 
line  up  with  work  by  the  Liberty  Alliance, 
which  is  focused  on  creating  a  framework 
for  federated  identity  management. 

But  Liberty  Alliance  and  the  IBM/Micro¬ 
soft  juggernaut  remain  on  separate  devel¬ 
opment  paths.  However,  the  Liberty  Al¬ 
liance  has  incorporated  WS-Security  into 
its  second-generation  specification. 

Experts  say  Liberty  and  IBM/Microsoft 
need  to  combine  forces  at  some  point  to 
create  one  identity-management  frame¬ 
work.  Neither  IBM  nor  Microsoft  are  mem¬ 
bers  of  the  Liberty  Alliance.  ■ 


NetScreen  among  firms 
adding  IPv6  to  firewalls 


■  BY  STEPHEN  LAWSON 

Makers  of  network  security  gear  are  lin¬ 
ing  up  to  help  corporations  and  service 
providers  implement  IPv6,  the  next-genera¬ 
tion  network  layer  protocol  for  the  Internet 
that  offers  a  vastly  larger  number  of  host 
addresses. 

NetScreen,  a  maker  of  network  security 
appliances,  last  week  made  available  to 
existing  customers  a  beta  version  of  fire¬ 
wall  and  VPN  software  that  supports  IPv6. 

Interest  in  IPv6  was  sparked  at  a  recent 
conference  in  San  Diego,  where  the  US. 
Department  of  Defense  announced  it  is 
making  IPv6  a  procurement  requirement 
(www.nwfusion.com,  DocFinder;  6643). 

NetScreen’s  release  comes  less  than  a 
month  after  Cisco  laid  out  plans  to  add 
stateful  packet  filtering  of  IPv6  to  its  soft¬ 
ware  and  hardware  firewall  products  in 
the  first  half  of  next  year.  Check  Point 
Software  last  October  introduced  IPv6 
support  for  its  software  with  the  release  of 
Check  Pbint  VPN-l/FireWall-1  Next  Gener¬ 
ation,  Feature  Pack  3,  according  to  a  com¬ 
pany  representative. 

The  beta  release  of  ScreenOS,  the  soft¬ 
ware  for  NetScreen’s  integrated  firewall 
and  VPN  platforms,  can  automatically 
detect  and  secure  traffic  that  uses  either 
IPv6  or  IPv4,  the  current  version  of  IPThe 
beta  release  is  free. 

IPv6  is  not  yet  necessary  for  networks  in 
North  America,  where  IP  addresses  are  rel¬ 
atively  plentiful.  But  IPv6  is  likely  to  be 


Billions  and  billions 

There  are  approximately 

4.29  billion 

possible  IPv4  addresses, 
but  about 

6.2  billion 

people  on  earth. 

IPv6  could  assign  roughly 
100  addresses  per  person. 

■ 


needed  soon  in  some  Asian  countries  and 
for  advanced  applications  such  as  mobile 
data  services  and  voice  over  IP  according 
to  Dave  Kosiur.an  analyst  at  Burton  Group. 

A  number  of  network  routers  from  Cisco 
and  other  vendors  can  handle  traffic  with 
IPv6  addresses,  but  the  story  doesn’t  neces¬ 
sarily  end  there  for  network  administrators, 
Kosiur  and  others  say 
“You  don’t  need  to  have  a  firewall  that 
routes  IPv6  in  order  to  run  IPv6.  However, 
the  way  networks  are  run  today  it’s  out  ■  ■ 
the  question  to  do  it  without  security  srws 
Alan  Bavosa.a  NetScreen  product  manager 
Some  companies  and  service  providers 
using  IPv6  last  year  were  concerned  that 
few  security  tools,  including  firewalls  wr.-vs 
See  NetScreen,  page  Hi 
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No  offense,  but  I  don’t  want  you  to  be 
me.  Last  year  the  Federal  Trade  Com¬ 
mission  received  almost  162,000 
complaints  concerning  identity  theft,  up 
from  1 17,000  in  2001.  And  there  is  no  indi¬ 
cation  that  the  problem  is  abating. 

It  is  usually  not  possible  to  figure  out 
where  identity  thieves  get  the  information 
needed  to  mimic  other  people.  But  clearly 
a  major  reason  for  the  dramatic  increase 
in  the  threat  stems  from  the  all-too-easy 
availability  of  personal  information  on 
computer  systems  connected  to  the 
Internet.  Yet,  unless  you  live  in  California, 
you  might  never  know  if  someone  who 


I  don’t  want  you 

should  not  do  so  gets  access  to  some  of 
this  data. 

As  of  July  l,the  new  California  Database 
Security  Breach  Act  requires  that  an  opera¬ 
tor  of  a  computer  notify  anyone  whose 
unencrypted  personal  information  has 
been  exposed  by  some  type  of  security 
breach,  but  only  if  you  live  in  California. 
Sen.  Dianne  Feinstein  (D-Calif.)  has  intro¬ 
duced  a  bill  to  establish  a  U.S.  Federal  law 
to  extend  the  requirement  nationally  There 
are  a  few  differences  between  the  Califor¬ 
nia  law  and  the  Feinstein  proposal  — 
including  not  letting  individuals  sue  com¬ 
panies  for  a  failure  to  notify  the  individual 
of  a  security  breach  —  but  the  basic  idea  is 
the  same:  Warn  someone  whose  data  has 
been  compromised  to  keep  an  eye  open 
for  signs  that  someone  is  exploiting  the 
information. 

There  was  a  lot  of  press  coverage  of  the 
new  California  law  and  of  Feinstein’s  pro- 


to  be  me 

posal.  But  far  too  much  of  it,  including  a 
June  30  cover  story  in  this  magazine, 
focused  on  companies  whining  that  it  will 
be  hard  or  embarrassing  to  comply  with 
the  idea  that  they  should  care  enough 
about  the  people  whose  data  they  use  and 
abuse  to  let  those  people  know  if  someone 
else  might  be  about  to  make  their  lives  a 
nightmare. 

Companies  that  actually  care  about  the 
well-being  of  their  customers  have  been 
doing  the  right  thing  for  years.  It’s  only  com¬ 
panies  that  value  a  reputation  built  on  lies 
that  have  not  been  letting  customers  know 
about  security  failures. 

It  is  unfathomable  to  me  why  a  company 
would  consider,  even  for  a  second,  obeying 
the  California  law  only  for  California  resi¬ 
dents.  It  is  not  the  legal  risk  that  a  company 
might  miss  a  customer  who  moved  to 
California  that  makes  this  narrow  ap¬ 
proach  unfathomable,  or  that  there  soon 


www.nwfusion.com ! 


might  be  a  national  law.  Rather,  it  is  the 
immorality  of  not  notifying  other  cus¬ 
tomers.  But  I  guess  that  morality  is  not  a  pre¬ 
requisite  for  some  corporations’  lawyers. 

Some  corporations  complain  that  notifi¬ 
cations  will  give  a  false  impression  of  their 
security  systems  and  might  cause  cus¬ 
tomers  to  move  to  companies  with  better 
security  records. They  are  both  wrong  and 
right:  Disclosure  will  give  a  true  picture  that 
a  company  is  too  stupid  to  keep  customer 
data  well  protected  and  encrypted,and  the 
market  will  punish  such  companies.  Both 
are  good  things. 

Disclaimer:  Harvard’s  relationship  to  the 
concepts  of  “stupid”  and  “good  things”  are 
in  the  mind  of  the  beholder,  but  the  above 
observation  is  my  own. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 


Polycom  strengthens  videoconference  features 


■  BY  JASON  MESERVE 

Polycom  has  been  busy  the  past  two 
weeks  announcing  advanced  features  for 
its  low-end  gateway  device,  improved  video 
and  audio  quality  for  its  desktop  video- 
conferencing  device,  and  a  portal-like  Web 
conferencing  service  that  integrates  many 
of  the  company’s  product  lines  into  one 
interface. 

The  enhanced  products  include  Version 
5.6  of  the  software  that  powers  Polycom’s 
MGC-25  gateway  for  connecting  multiple 
users  in  a  single  audio  or  video  call;  the  Via 
Video  II,  the  latest  version  of  Polycom’s 
desktop  IP  videoconferencing  device;  and 
WebOffice  5.6  software  for  launching  meet¬ 
ings  and  sharing  files. 

Expected  this  week,  the  MGC-25  Version 
5.6  adds  advanced  features  to  Polycom’s 
entry-level  gateway, such  as  the  ability  to  see 
conference  participants  simultaneously; 
transcoding  (connecting  IP  ISDN  and  pub¬ 
lic  switched  telephone  network  systems  in 
the  same  call);  and  the  ability  to  support  a 
presence  service  that  lets  users  click  on  a 
name  in  a  window  and  connect  to  that  user. 

All  of  these  features  were  previously  avail¬ 
able  in  the  high-end  MGC-50  and  MGC-100 
lines  targeted  at  users  with  hundreds  or 
more  simultaneous  users.  The  MGC-25  is  a 
2U-high  box  designed  for  small  offices  and 
departmental  use,  and  can  connect  users 
coming  in  on  traditional  videoconferenc¬ 
ing  endpoints  as  well  as  the  phone,  says 
Eva  Shafer,  product  marketing  manager  for 
the  MGC-25. 

With  Version  5.6,  Polycom  also  is  intro¬ 
ducing  a  number  of  new  configurations  for 
the  device,  including  an  ISDN-only  model 
for  videoconferencing  and  a  48-port  voice- 
only  option.  Pricing  ranges  from  $26,000  for 
a  12-port  IP-only  device  on  the  low  end  to 
a  high  of  $79,950  for  the  high-end  model. 

Fblycom  also  announced  the  new  ver- 


Polycom’s  ViaVideo  II  features  improved  image 
quality  in  low-light  conditions  and  can  support 
video  calls  running  up  to  51 2K  bit/sec. 


sion  of  WebOffice,  which  gives  customers 
the  ability  to  set  up  their  own  conferencing 
portal  within  a  corporate  network.  Running 
on  a  Windows  2000,  WebOffice  provides 
end  users  with  their  own  “virtual”  office  that 


can  be  used  to  host  ad  hoc  meetings  with 
traditional  Web  conferencing  features  such 
as  slide  shows,  application  sharing  and  text 
chat.  This  is  similar  to  what  PlaceWare  or 
WebEx  offers  as  a  service  provider  applica¬ 
tion.  A  desktop  client  or  Web  interface  can 
be  used  to  access  the  virtual  office. 

Polycom  is  in  the  process  of  integrating 
WebOffice  across  its  product  lines.  Using  an 
instant-messaging-like  contact  list,  users 
can  connect  to  one  another  individually 
for  a  Web  collaboration  session,  to  launch  a 
point-to-point  or  multi-point  call.  Pricing  for 
WebOffice  starts  at  $600  per  seat,  and  it  is 
available  in  five-seat  increments. 

Finally  end  users  will  benefit  from  the 
new  ViaVideo  11  desktop  IP  videoconfer¬ 
encing  device,  which  now  features  the  abil¬ 
ity  to  conference  at  up  to  512K  bit/sec,  up 
from  384K  bit/sec.  Pblycom  also  cut  from 


64K  bit/sec  down  to  32K  bit/sec  the 
amount  of  bandwidth  needed  for  transmit¬ 
ting  audio. The  savings  help  squeeze  more 
video  into  lower-bandwidth  connections. 

Unlike  smaller  USB  Webcams  that  rely  on 
the  PC’s  processor  to  do  all  the  video  and 
audio  processing,  the  ViaVideo  II  contains 
its  own  audio/video  chipset.VCON  offers  a 
similar  desktop  IP  device  in  the  same  price 
range. 

“It  is  a  hell  of  an  improvement;  the  low- 
light  [capability]  is  great,"  says  Guy  Welty, 
manager  of  global  media  networks  and 
collaborative  services  at  WR.  Grace  in 
Columbia,  Md.  Welty  is  rolling  out  the  units 
at  his  company  so  that  executives  can  con¬ 
duct  video  meetings  without  having  to 
leave  their  offices. 

ViaVideo  II  began  shipping  last  week 
and  is  available  for  $599.  ■ 


NetScreen 

continued  from  page  19 

available  for  it.  Another  concern  was  that 
because  IPv6  would  let  each  system  have 
a  unique  IP  address,  a  hacker  might  be 
able  to  target  a  specific  system  in  a  com¬ 
pany  for  attack. 

The  new  ScreenOS  release  provides  en¬ 
cryption  and  firewall  capabilities,  as  well 
as  protection  against  denial-of-service 
attacks,  for  IPv6  traffic.  It  can  encapsulate 
IPv6  traffic  in  IPv4,  letting  corporations  or 
service  providers  operate  an  IPv6  network 
across  a  backbone  that  hasn’t  been  con¬ 
figured  to  handle  the  new  kinds  of  pack¬ 
ets,  Bavosa  says. 

Organizations  or  carriers  that  haven’t 
deployed  IPv6  generally  don’t  have  to 
worry  about  IPv6  attacks  because  their  fire¬ 
walls  and  routers  can’t  route  the  harmful 
packets,  Kosiur  and  Bavosa  say.  However,  if 
they  want  to  try  it  out  they’ll  demand  some 


security  mechanisms,  experts  say 

“If  someone  is  dependent  on  firewalls 
now,  then  they  will  want  a  firewall  when 
they  move  to  IPv6, ’’says  John  Klensin, chair¬ 
man  of  the  Internet  Engineering  Task 
Force’s  Internet  Architecture  Board. 

Emerging  applications  might  force  com¬ 
panies  and  service  providers  in  North 
America  to  adopt  IPv6,  Kosiur  says.To  con¬ 
serve  unique,  public  IP  addresses,  many 
network  administrators  hand  out  ad¬ 
dresses  just  for  use  inside  a  closed  area, 
but  new  applications  might  have  trouble 
with  that,  he  says.  For  example,  without  the 
additional  addresses  provided  by  IPv6,  it 
might  be  hard  to  implement  voice  over  IP 
in  an  organization  and  receive  calls  from 
outside.  Networks  of  air-quality  and  other 
sensors  or  closed-circuit  TV  cameras  are 
likely  to  demand  too  many  unique  public 
addresses  to  be  set  up  under  IPv4. 

Data  services  for  mobile  phones  also 
call  for  IPv6,  Bavosa  says.  A  carrier  could 


hand  out  a  temporary  IP  address  to  every 
subscriber  whenever  a  service  was  re¬ 
quested,  rather  than  assigning  permanent 
public  IP  addresses  to  each  phone,  but 
maintaining  that  system  would  be  compli¬ 
cated  and  expensive,  he  says. 

Vendors  are  moving  toward  implement¬ 
ing  IPv6  on  a  range  of  equipment,  includ¬ 
ing  firewalls,  routers,  load-balancing 
equipment  and  content  caches,  Kosiur 
says. 

NetScreen  expects  to  introduce  a  ver¬ 
sion  of  the  IPv6-compatible  ScreenOS  for 
pilot  production  networks,  which  will 
include  more  advanced  IPv6  features,  in 
the  first  half  of  next  year.  A  version  for  pro¬ 
duction  environments  is  expected  in  the 
second  half  of  next  year,  according  to  a 
NetScreen  statement.  Prices  have  not 
been  set  for  the  two  future  products. 

Lawson  is  a  correspondent  with  the  IDG 
News  Services  San  Francisco  bureau. 


>9:32  am.  Martha  Watson  counts  over  1,200  name  brands  in  order  to  justify  the  word  "more"  to  the  legal  department. 
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Your  priorities 
are  clear  now. 


Fortunately,  NextiraOne  can  help.  With  our 
proven  expertise  in  converged 

environments,  your  migration 
becomes  much  clearer. 

And  your  job  does  too. 

At  NextiraOne,  our 
experienced  professionals 
bring  clarity  to  your  complex 
networks.  Whether 
;,  implementing,  supporting 
or  managing.  Whether  it’s  a  voice,  data  or  converged 
infrastructure.  Whether  you’re  in  the  United  States 
or  around  the  world.  No  matter  what,  we  provide 
the  expertise,  resources,  leadership  and  vendor- 
independence  that  ensure  world-class  networks. 

In  fact,  NextiraOne  is  already  working  —  adding 
clarity  —  at  almost  500,000  sites  worldwide. 


Switching  to  a  converged  environment  is  a 
complicated  process.  And  you  don’t  have  time 
to  master  every  platform.  Not  with  everything 
else  on  your  plate. 


Simply  put,  whatever  we  do  and  wherever  we  go, 
clarity  follows.  So,  instead  of  spending  all  your 
time  learning  the  intricacies  of  convergence,  you 
can  trust  NextiraOne  —  and  get  back  to  the  rest 
of  your  responsibilities.  Like  getting  full  value 
out  of  your  IT  resources. 


www. NextiraOne.com 
(888)  398-0547 


Equant  pushing  IDS  service 


■  AT&T  Wireless  has  inked  a  three- 
year  roaming  agreement  with  West¬ 
ern  Wireless  to  expand  AT&T  Wire¬ 
less’  reach  throughout  17  western 
states.  Both  service  providers  sup¬ 
port  GSM/General  Packet  Radio 
Service  wireless  networks.  AT&T 
Wireless  has  signed  30  roaming 
agreements  in  the  past  year  to 
improve  coverage,  especially  in  rural 
areas  in  about  30  states.  Two  of  the 
largest  deals  are  with  Cingular  Wire¬ 
less  and  T-Mobile.  AT &T  Wireless 
says  it  expects  to  support  roaming 
services  in  most  of  the  markets  cov¬ 
ered  by  these  30  deals  by  year-end. 

■  SBC  has  announced  a  service  bun¬ 
dle  aimed  at  simplifying  telecom  pur¬ 
chasing  and  providing  predictable 
monthly  costs  for  small  businesses. 
Business  Unlimited  includes  up  to 
five  telephone  lines  with  unlimited 
local  and  long-distance  service,  and 
access-line  fee  charges  for  $59  per 
month,  per  line.  The  service  provider 
also  is  offering  a  discount  to  users 
that  bundle  their  wireless  and  wireline 
services  onto  one  bill.  New  customers 
that  sign  up  with  Cingular  Wireless 
and  combine  this  monthly  bill  with 
their  SBC  wireline  service  bill  will 
receive  a  20%  discount  on  monthly 
access  charges.  The  discount  is  only 
available  to  users  in  SBC's  West, 
Southwest  and  Midwest  regions. 

■  Rackspace  Managed  Hosting 

now  is  offering  Red  Hat 
Enterprise  Linux  as  a  hosted  plat 
form.  Rackspace  announced  the 
partnership  last  week,  saying  it  is 
aimed  at  making  it  easier  for  compa¬ 
nies  without  in-house  Linux  expertise 
to  run  applications  on  the  open 
source  operating  system.  Rackspace 
will  help  businesses  configure  and 
deploy  applications  on  Linux,  taking 
responsibility  for  the  hardware  and 
other  core  components,  including  the 
operating  system.  Red  Hat  Enter¬ 
prise  Linux  offers  application  and 
hardware  support  for  applications 
from  companies  such  as  BEA 
Systems,  BMC  Software,  IBM, 
Oracle  and  Veritas  Software. 


■  BY  DENISE  PAPPALARDO 

Equant  announced  a  managed  service 
last  week  that  it  says  will  address  a  major 
shortcoming  of  intrusion-detection  sys¬ 
tems:  too  many  false  alarms. 

“There  are  a  large  amount  of  false  neg¬ 
atives  and  false  positives  with  intrusion 
detection,”  says  Steve  Maslin,  product 
manager  for  Equant  s  Intrusion  Detection 
service. 

Initially  available  only  for  the  company’s 
managed  firewall  service  customers,  the 
offering  promises  an  added  level  of  secu¬ 
rity  by  examining  traffic  for  irregular  pat¬ 
terns  or  content.The  service  may  be  made 
available  to  other  managed  service  cus¬ 
tomers  based  on  user  demand,  according 


■  BY  TIM  GREENE 

IP  phone  service  provider  GoBeam  is 
taking  the  guesswork  out  of  how  many 
calling  minutes  to  buy  with  a  new  flat-fee 
pricing  model  that’s  based  on  how  many 
phone  sets  customers  have. 

With  the  new  pricing  for  its  virtual  PBX 
(vPBX)  service,  customers  pay  $49.95  per 
phone,  per  month,  for  25  to  49  phones, and 
pay  $39.95  for  50  phones  or  more.That  is  a 
change  from  the  old  model  that  charged  3 
to  5  cents  per  minute  depending  on  the 
number  of  minutes  customers  bought. 

“The  all-you-can  eat  approach  is  a  good 
one,”  says  Naseem  Choudhary,  IT  manager 
for  start-up  Ironport  Systems,  maker  of 
messaging  gateway  appliances  and  a 
GoBeam  customer. 

Currently,  the  company  buys  packages  of 
calling  minutes  for  each  user,  guessing 
how  many  each  will  need,  but  often  buy¬ 
ing  too  many  or  too  few.’Typically  my  sales 
people  and  executives  will  be  over  their 
limits.  Buying  buckets  of  minutes  is  a 
worse  thing  to  do  than  doing  a  flat  rate,” 
Choudhary  says. 

VPBX  includes  phone  service  with  call 
features  like  those  found  on  standard 
PBXs.but  these  features  are  supplied  from 
equipment  within  GoBeam’s  network  (see 
graphic).  And  because  the  service  is  IP- 
based,  it  can  blend  voice  and  data  to 
deliver  features  not  available  with  tradi¬ 
tional  PBXs.  . 


to  the  carrier. 

The  Intrusion  Detection  service  is  based 
on  Cisco  IDS  4200  Sensors  that  Equant 
deploys  in  front  of  Check  Point  firewalls 
on  customer  sites  (although  Equant  will 
support  other  vendors’  IDS  gear  if  already 
installed). 

Alarms  and  alerts  are  forwarded  to 
security  operations  centers  run  by 
Equant  partner  Ubizen,  which  correlates 
the  messages  and  sorts  out  those  that 
might  spell  trouble. 

“This  is  a  service  that  does  not  rely  on  an 
automatic  response,  but  an  intelligent 
response  to  alerts  and  alarms,”  Maslin  says. 

Equant  says  this  service  could  offload  a 
lot  of  work  for  a  customer.  In  one  customer 
example  the  carrier  says  a  company  with 


For  instance,  vPBX  includes  a  feature 
called  visual  voice  mail,  in  which  cus¬ 
tomers  can  call  up  a  Web  page  that  lists  by 
caller  or  phone  number  the  phone  calls 
they  have  received.The  list  includes  audio 
attachments  that  can  play  back  the  mes¬ 
sage  and  a  place  where  users  can  click  to 
return  the  call. 

The  GoBeam  service  also  supports  auto¬ 
matic  call  distribution  so  incoming  calls 
are  directed  to  any  free  phone  grouped 
with  the  phone  being  called.  Customers 
get  audio  conferencing  and  call-logging 
data  to  track  how  phones  are  being  used. 
Broadband  Internet  access  is  also  part  of 
the  vPBX  offering. 

GoBeam  says  its  services  are  directed  at 
small  and  midsize  businesses  that  want 


up  to  30  sensors  experienced  5  million 
alerts  in  a  month.  Of  those  alerts  only 
250,000  were  identified  as  “real  attacks.” 
And  of  those,  only  55  needed  to  be  esca¬ 
lated  to  the  customer  as  the  carrier  was 
thwarting  the  attacks. 

Equant  meets  with  each  customer  before 
service  deployment  for  a  network  vulnera¬ 
bility  assessment. 

The  offering  will  be  available  in  220 
countries  where  Equant  offers  managed 
services. 

“One  of  the  greatest  strengths  of  Equant  is 
that  it  truly  offers  a  global  service  and  pro¬ 
vides  a  one-stop  shop  for  an  integrated 
portfolio  of  managed  security  services,” 
says  John  Sherwood,  managing  director  at 
See  Equant,  page  26 


PBX  functionality  but  not  the  expense  or 
commitment  of  staff  required  to  buy  their 
own.  In  the  case  of  Ironport,  the  company 
was  growing  beyond  its  four-line  analog 
phone  switch,  but  as  a  start-up.  was  uncer¬ 
tain  just  how  big  it  would  get. 

So  it  was  difficult  to  decide  whether  to 
buy  a  PBX  for  50  users  that  might  hit 
capacity  right  away  or  buy  one  for  100 
users  that  might  sit  with  ports  empty, 
Choudhary  says.  The  price  range  wa^ 
$30,000  to  $50,000. 

Ironport  considered  a  Centrex  service 
and  an  IP  PBX  service.  Choudhary  was 
wary  of  Centrex  because  of  past  unsan 
factory  experiences  with  local  carrier  , 
and  GoBeam  cost  about  10%  less 

See  GoBeam,  page  "G 


GoBeam  offers  flat-fee  IP  voice  plan 

Flat  rate  for  IP  phone  service  replaces  pay-as-you-go  model. 

IP  voice  plus  Internet 

Service  provider  GoBeam  charges  a  flat  fee  for  an  IP  voice  service  called 
vPBX  that  includes  PBX  features  and  Internet  access  via  a  T-1  circuit. 


GoBeam  sorts 
traffic  and 
forwards  voice 
■  to  the  public 
switched 
1  telephone 
network  (PSTN) 
and  data  to  the 
j  Internet. 
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FRAME  RELAY  MANAGEMENT  TOOLS:  Tfiree  users  speak  of  benefits. 

Getting  more  out  of  frame  with  mgmt.  tools 


■  BY  DENISE  PAPPALARDO 

Reducing  costs  and  getting  more  out  of  existing  tech¬ 
nology  has  become  a  mantra  for  IT  professionals, 
especially  those  with  mature  networks  such  as 
frame  relay 

Companies  are  deploying  a  variety  of  frame  relay  man¬ 
agement  tools  that  not  only  help  get  a  handle  on  costs, 
but  also  improve  performance. 

Although  United  Parcel  Service  (UPS), Staples  and  the 
South  Carolina  Army  National  Guard  operate  different 
types  of  frame  relay  networks,  all  have  benefited  from 
using  products  from  NetScout,  SolarWinds.Net  and  Visual 
Networks,  respectively 

UPS  deployed  NetScout’s  nGenius  Performance 
Manager  to  get  a  better,  more  detailed  look  at  its  net¬ 
work.  One  goal  was  to  pinpoint  which  applications  were 
driving  bandwidth  consumption, says  Peter  Gunn,  project 
manager  at  the  shipping  company  in  Mahwah,N.J. 

Although  Gunn  says  it’s  difficult  to  quantify  total  sav¬ 
ings  since  deploying  the  product,  his  intent  is  “to  slow 
the  pace  of  increasing  costs  and  keep  network  costs  at  a 
reasonable  and  manageable  level.  1  believe  we’ve  been 
able  to  do  that.” 

UPS  operates  51  frame  relay  networks  that  connect 
2,500  sites  worldwide.The  company  works  with  a  handful 
of  service  providers,  including  AT&T,  Equant  and  Sprint,  to 
support  that  architecture.  Although  keeping  a  close  eye 
on  the  network  always  has  been  important  to  Gunn  and 
his  team,  UPS’ older  management  tools  didn’t  meet  all  the 
company’s  needs,  he  says.  UPS  had  used  Concord 
Communications’ Network  Health  management  tools 
from  just  about  the  time  it  set  up  its  frame  network  in  the 
mid-1990s. 

“Previously  we  had  a  private  network  where  we  owned 
the  circuits  and  could  see  into  the  network.  With  frame 
relay  a  public  network,  we  didn’t  have  that  type  of  visi¬ 
bility  Gunn  says.Two  years  ago,  UPS  decided  it  needed  a 
more  granular  view  than  the  Concord  product  could 
provide,  he  says. 

The  company  was  looking  to  identify  how  much  band¬ 
width  specific  applications  consumed  and  at  what  rate  its 
bandwidth  consumption  was  growing. 

After  Gunn  deployed  the  NetScout  system,  he  gath¬ 
ered  this  information  and  took  corrective  action  that 
has  let  UPS  avoid  bandwidth  increases  at  certain 
sites.“Cost  avoidance  is  as  important  as  cost  reduc¬ 
tion,”  Gunn  says. 

“Our  objective  was  to  map  our  business  applications 
regardless  of  protocol.  We  wanted  to  see  it  in  terms  of 
things  that  are  well  known  and  understood  by  the  busi¬ 
ness  community  Gunn  says.  NetScout  provides  that  level 
of  detail,  where  e-mail  is  defined  as  such  and  not  simply 
as  POP3  traffic,  he  says. 

Instead  of  throwing  mom  bandwidth  into  the  network, 
UPS  deployed  Check  Point’s  FloodGate-1  policy  manage¬ 
ment  tool.  This  lets  Gunn  keep  applications  such  as 
e-mail,  by  fai  the  leading  bandwidth  hog  on  the  network, 
in  check  by  ensuring  it  never  consumes  all  bandwidth  at 
any  given  site.  Gunn  says  some  departments  have  taken 
further  action  by  reducing  the  size  of  individual  mailbox¬ 


es  and  restricting  the  size  of  attachments. 

Like  many  network  managers,  Gunn  has  joined  together 
a  handful  of  products  to  meet  his  monitoring  needs. 

The  reason  some  departments  have  taken  their  own 
actions  is  because  Gunn  also  uses  the  tool  to  calculate 
departmental  chargebacks  for  application  usage.  Before 
deploying  NetScout,  UPS  estimated  application  usage  for 
each  department.“Some  departments  were  very  happy 
when  we  changed  our  chargeback  methods.  Others  were 
not  as  happy  he  says. 

UPS  recently  started  using  additional  modules  included 
in  the  NetScout  product  to  improve  network  visibility 
from  specific  sites  on  the  network. 

“There  is  a  newspaper  module  that  allows  us  to  publish 


[network]  activity  the  following  day  for  any  given  loca¬ 
tion  in  our  environment,”  Gunn  says.“Our  field  organiza¬ 
tion  is  quite  extensive  with  4,000  folks  worldwide.” 

This  feature  lets  those  users  see  unusual  or  abnormal 
network  behavior  on  a  specific  Web  page  for  their  loca¬ 
tion,  which  might  not  affect  performance  but  is  worth  get¬ 
ting  a  handle  on  before  it  does. 

Gunn  chose  the  NetScout  product  after  much  research 
and  in-house  testing.  And  while  UPS  has  been  happy  with 
the  product,  Gunn  says  that  with  any  project  there  are 
issues. 

“Right  out  of  the  gate,  we  had  scalability  issues,”  Gunn 
says.“But  we  worked  very  closely  [with  the  vendor]  and 
then  migrated  to  the  next-generation  product,  which 
pretty  much  established  a  good  stable  environment.” 

Gunn  recommends  that  when  shopping  for  a  product 
users  should  consider  the  specific  issues  in  their  network 
environment.There  were  NetScout  reference  customers 
that  appeared  to  be  managing  significantly  larger  envi¬ 
ronments  than  UPS, so  Gunn  assumed  that  scalability 
would  not  be  an  issue.’And  it  turned  out  to  be  our 
biggest  issue,”  he  says. 

Different  challenge  at  Staples 

Like  UPS,  Staples  is  runs  a  large  frame  relay  network,  but 
capacity  planning  was  a  bigger  issue  for  the  chain  of 
office  supply  stores.The  Framingham,  Mass.,  company 
deployed  SolarWinds.Net’s  Orion  management  tool  to  get 
a  better  handle  on  utilization  across  its  1,200-node  frame 
relay  network. 

Staples  used  HP  Open  View,  which  provided  the  status  of 
each  circuit  and  alerts  when  a  problem  occurred,  but  the 


company  needed  more, says  Sally  Jo  Bernard,  director  of 
network  operations. 

“We  needed  a  tool  that  would  give  us  capacity  informa¬ 
tion  so  we  can  upgrade  and  downsize  circuits,” she  says. 

When  Staples  deployed  the  product  about  18  months 
ago,  Bernard  and  her  team  monitored  capacity  on  all 
frame  relay  connections  at  256K  bit/sec  or  above. They 
determined  that  many  sites  did  not  need  that  much 
bandwidth.“We  moved  many  to  64K  bit/sec  to  128K 
bit/sec  ports,  which  saved  quite  a  bit  of  moneyf  she  says. 

Bernard  also  discovered  a  few  sites  that  were  in  need  of 
more  bandwidth. 

“We  saved  a  significant  sum  last  year  and  this  year  on 
downsizing,"  Bernard  says.“We’ve  saved  five  times  the  cost 


of  the  Orion  product.” 

While  Staples  did  not  want  to  reveal  specific  dollar 
amounts,  SolarWinds.Net  Orion  SL2000  software  package 
starts  at  about  $8,000.  And  while  rightsizing  bandwidth 
was  an  important  goal  for  Staples,  the  retail  store  now 
also  is  better  able  to  plan  future  network  needs. 

Before  deploying  the  Orion  product,  Bernard’s  group 
would  add  capacity  to  the  network  when  a  new  business 
application  was  going  to  be  rolled  out,  without  knowing  if 
additional  bandwidth  was  needed. The  idea  was  to  avoid 
potential  performance  problems. 

“Now  when  someone  says  they  want  to  deploy  an  appli¬ 
cation,  we  can  pilot  it  before  it  goes  out  and  also  tell  them 
that  if  they  do  roll  this  application  out . .  .we  will  have  to 
spend  [this  much]  more  for  bandwidth,”  Bernard  says. 

Bernard  says  she  constantly  is  looking  at  the  Orion 
product,  even  when  not  conducting  a  network-wide  util¬ 
ity  analysis. 

“In  the  right-hand  corner  of  the  [client], the  tool  reports 
your  25  most  heavily  used  links,” she  says.“l  keep  an  eye 
on  that  info,  and  if  1  continually  see  the  same  link  pop  up 
1  download  more  detailed  info  on  that  connection.  If 
capacity  exceeds  70%  utilization  on  a  regular  basis,  it’s 
time  for  an  upgrade.” 

Looking  for  better  performance 

Although  reducing  costs  is  important  to  the  South 
Carolina  Army  National  Guard,  improving  network  perfor¬ 
mance  was  the  primary  reason  it  deployed  Visual’s  Visual 
UpTime  management  system. 

“We  were  having  difficulty’  at  our  small  sites,  especially 

See  Special  Focus,  page  26 


fcfc[0ur  goal  is]  to  slow  the  pace  of  increasing  costs 
and  keep  network  costs  at  a  reasonable  and  man¬ 
ageable  level.  I  believe  we've  been  able  to  do  that.19 


Peter  Gunn 

Project  manager,  UPS 
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EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


A  month  ago  I  wrote  about  what  ser¬ 
vice  providers  can  do  to  get  in  tune 
with  IP  telephony,  including  devel¬ 
oping  compelling  ROl  stories,  emphasiz¬ 
ing  managed  service  and  delivering  inte¬ 
grated  mobile  solutions. 

A  few  service  providers  have  written  to 
remind  me  politely  that  they  already  do 
some  of  these  things. 

“Equant  uniquely  addresses  each  of 
these  areas  of  concern  through  a  life- 
cycle  approach,  ROI  assistance,  a  fully 
managed  service  (LAN/WAN),  and  cus¬ 
tomer  transition  management,”  writes 
Michael  Burrell,  a  product  manager  in 
Equant’s  Convergence  Solutions  group. 
Qwest  also  stresses  its  ability  to  deliver  full 
life-cycle  solutions  and  managed  services. 


Need  IP  telephony  talent? ...  Try  a  service  provider 


Unfortunately,  the  message  isn’t  getting 
through  to  customers.  Only  about  14%  of 
IT  executives  my  firm  surveyed  report  rely¬ 
ing  on  service  providers  for  their  IP  tele¬ 
phony  solutions, and  most  report  that  they 
find  the  carriers’  value  proposition  less 
than  compelling. 

We’ve  already  talked  about  what  service 
providers  can  do  to  address  this.  Time  to 
take  a  look  at  the  “hidden  gold”  that  IT 
executives  might  uncover  from  their  ser¬ 
vice  providers:  voice  and  data  integration 
talent,  particularly  for  deployments. 

Here’s  the  issue.  More  than  half  of  IT 
executives  who  have  deployed  IP  tele¬ 
phony  say  they  have  used  value-added 
resellers  (VAR)  or  integrators  during  the 
deployment  phase.  Very  often,  however, 
these  VARs  and  integrators  are  woefully 
under-skilled.  Implementing  IP  telephony 
requires  expertise  in  both  voice  and  data 
technologies,  as  well  as  an  understand¬ 
ing  of  the  organization’s  overall  business 
requirements.  Few  VARs  can  deliver  on 
all  counts,  and  even  extensive  research 


might  not  reveal  weaknesses. 

“We  really  checked  out  our  VAR,”  one  IT 
executive  told  us.  “We  checked  refer¬ 
ences.  They’d  been  around  for  years  and 
had  a  really  good  reputation.  But  in  the 
middle  of  the  rollout  it  became  clear  that 
they  didn’t  have  any  real  IP  telephony 
experience.” 

My  recommendations  for  evaluating 
VARs: 

•  Get  the  biographies  of  the  individu¬ 
als  who  will  be  assigned  to  the  project 
(and  ensure  that  the  VAR  doesn’t  pull  a 
bait-and-switch  by  substituting  other 
consultants). 

•  In  those  biographies,  look  for  five  to  10 
years  of  hard-core  voice  experience,  plus 
recent  certifications  from  a  data  vendor 
(Cisco’s  IP  telephony  certifications  are 
among  the  most  rigorous). 

•  Finally, check  references  to  be  sure  the 
company  previously  actually  has  imple¬ 
mented  IP  telephony. 

Service  providers  are  among  the  com¬ 
panies  most  likely  to  meet  these  criteria. 


Keep  in  mind  that  many  service  pro¬ 
viders’  IP  telephony  rollouts  are  several 
years  old  (For  example,  Qwest  offered  one 
of  the  first  public  IP  telephony  services  in 
the  mid-’90s),  which  means  that  service 
providers  have  considerable  experience 
with  the  technology 

Moreover,  these  providers  often  “eat  their 
own  dog  food”  and  rely  on  IP  telephony 
for  internal  use  (Equant  does  this,  for 
example).  Finally,  service  providers  are 
among  the  most  likely  to  have  people 
skilled  in  voice  arcana. 

The  upshot?  Look  to  the  service 
providers  for  deployment  assistance.  Of 
course,  the  catch  lies  in  ensuring  that  the 
individuals  with  this  expertise  actually 
work  on  your  project.  But  it  doesn’t  hurt  to 
ask.  You  might  be  pleasantly  surprised  by 
the  answer. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 
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those  out  in  the  boonies,”  says 
Captain  David  McNamee,  network 
control  center  manager  at  the 
South  Carolina  Army  National 
Guard. 

McNamee  supports  a  60-node 
frame  relay  network.  Although  it’s 
confined  to  one  state,  several  car¬ 
riers  provide  circuits  because  it 
spans  many  rural  areas  where 
only  independent  local  exchange 
carriers  offer  service. 

Network  performance  and  relia¬ 
bility  became  an  issue  with  many 
of  the  smaller  providers.  The 
regional  National  Guard  not  only 
supports  data  over  its  frame  relay 
network,  but  also  voice.  Perfor¬ 
mance  became  such  a  problem 
that  “it  sounded  as  if  some  of  our 
circuits  were  running  across 
barbed  wire,”  McNamee  says.  “We 
were  also  having  trouble  verifying 
our  [service-level  agreements].” 

About  two  years  ago,  Mc¬ 
Namee  started  working  with 
Visual,  but  only  in  the  past  year 
has  he  gone  though  a  full  net¬ 
work  deployment. 

McNamee  says  he  was  looking 
for  three  things  while  selecting 
a  network  management  tool: 
durable  hardware,  a  versatile 
product  that  would  let  him  trou¬ 
bleshoot  remotely  and  to  work 
with  a  respected  vendor. 

“The  monitoring  gear  is  often 
put  in  wiring  closets  that  don’t 
get  a  lot  of  attention"  at  the 
armories  in  each  county,  Mc¬ 
Namee  says. “With  only  two  field 
technicians  to  serve  the  entire 


state,  we  needed  a  rugged  device 
that  didn’t  require  these  guys 
running  around  changing  out 
power  supplies  and  things  like 
that.” 

His  small  staff  also  set  the 
requirement  for  remote  trouble¬ 
shooting  support.  And  because 
he  was  challenging  his  telecom 
providers,  he  wanted  to  team 


with  a  well-known  vendor. 

“Some  of  our  providers  were 
even  offering  to  support  the  Visual 
devices,  but  I  thought  that  was  a 
little  like  asking  the  fox  to  watch 
the  chicken  coop,” McNamee  says. 

McNamee’s  plan  panned  out. 

“After  we  put  the  Visual  probes 
in  place,  we  would  call  our 
provider  and  say  our  Visual 
[probes]  were  indicating  such 
and  such  problem.  Then  all  we 
would  hear  was  silence  on  the 
other  end  of  the  line,  where  we 
used  to  hear,  ‘It’s  not  us,’” 
McNamee  says. 

Performance  improved  soon 
after  because  McNamee  could 
prove  exactly  how  a  circuit  was 
not  performing  up  to  par  and  also 


that  the  cause  stemmed  from  the 
carrier. 

McNamee  also  uses  the  infor¬ 
mation  that  he  gathers  from  the 
probes  to  help  justify  current 
bandwidth  and  bandwidth  in¬ 
creases  that  might  be  needed. 

“Because  of  budget  con¬ 
straints,  we’re  squeezing  every 
penny  out  of  every  dollar,”  he 


says.  “We  have  also  been  able  to 
determine  if  Internet  usage  was 
affecting  the  [quality]  of  voice  at 
a  given  location.”  This  informa¬ 
tion  has  let  the  military  organiza-  j 
tion  advise  users  as  to  when  to  ! 
make  downloads  or  file  transfers 
to  make  better  use  of  existing 
bandwidth. 

Deploying  frame  relay  manage 
ment  tools  has  benefited  these 
three  users,  so  you  might  wonder 
why  everyone  isn’t  using  them. 
Brownlee  Thomas,  an  analyst  at 
Giga  Information  Group,  says  the 
there  are  two  reasons:  First,  these 
management  problems  just  now 
are  becoming  more  sophisticated 
and  therefore  more  useful;  and 
second,  these  tools  aren’t  free.  ■ 


Equant 

continued  from  page  23 

consulting  firm  Sherwood 
Associates. 

The  service  is  initially  for  cus¬ 
tomers  that  have  dedicated  IP 
connections  running  from  45M 
bit/sec  to  200M  bit/sec.  An 
upgraded  version  planned  for  in 
the  fall  will  support  customers 
with  connections  up  to  1G 
bit/sec,  Maslin  says. 

Equant  is  far  from  alone  in  the 
managed  security  services  mar¬ 
ket.  AT&T,  which  launched  en¬ 
hancements  to  its  IDS  service 
last  month,  handles  the  monitor¬ 
ing  of  customer  network  secur¬ 
ity  in-house. 

MCI,  like  Equant,  teams  with  a 
security  company  to  deliver  its 
offering.  In  MCl’s  case,  ISS  is  the 
partner.  Ubizen  and  ISS  also  offer 
security  services  of  their  own, 
although  companies  such  as 
Equant  and  AT&T  offer  many 
more  managed  services.  While 


ISS  is  the  market  leader,  Equant 
can  offer  users  a  broader  range 
of  security  product  support, 
where  ISS  only  offers  customers 
probes  developed  by  the  com¬ 
pany,  Sherwood  says. 

Equant’s  Intrusion  Detection 
service  rates  vary  depending  on 
the  customer’s  dedicated  band¬ 
width  connectivity  The  carrier 
says  it  will  charge  about  $3,800 
per  month  for  a  100M  bit/sec 
connection  for  a  user  that  signs  a 
three-year  contract.  ■ 


More  online! 

See  our  review  of  IDS  apps,  and  get  the 
latest  outsourcing  news. 

DocFinder:  6741 


GoBeam 

continued  from  page  23 

GoBeam  s  service  lets  the  company  use  its  existing  phones  that  con¬ 
nect  to  GoBeam’s  router  via  an  IP  adapter  and  add  IP  phones  one  at 
a  time  as  the  company  grows, Choudhary  says.  As  Ironport  expands 
into  new  office  space,  it  saves  money  by  not  having  to  wire  sepa¬ 
rately  for  phone  and  data  networks,  he  says. 

He  says  he  overcame  being  wary  of  a  start-up  provider. 

“We’re  a  start-up  ourselves,  so  we're  willing  to  give  a  new  com¬ 
pany  a  try,”  he  says.Ut  might  have  been  a  different  decision  if  I  was 
making  it  for  a  1,000-person  company" 

In  addition  to  direct  service  in  California,  GoBeam  also  provides 
the  IP  phone  service  that  Verizon  sells  in  Chicago  and  Ohio  as 
Verizon’s  first  out-of-region  IP  phone  offering.  ■ 


fcii  With  only  two  field  technicians  to  serve 
the  entire  state,  we  needed  a  rugged  device 
that  didn't  require  these  guys  running 
around  changing  out  power  supplies  and 
things  like  that.  11 

David  McNamee 

Network  control  center  manager 
South  Carolina  Army  National  Guard 


FCIP  bridges  Fibre  Channel  SANs 


■  BY  TOM  CLARK 

Fibre  Channel  over  IP  is  a  proposed  IETF 
standard  for  linking  Fibre  Channel  fabrics 
over  TCP/IP  network  links.  The  protocol 
can  be  used  as  an  alternative  to  connect¬ 
ing  storage-area  networks  via  dense  wave¬ 
length  division  multiplexing  and  dark  fiber. 
Tapping  a  more  affordable  and  available  IP 
service  can  dramatically  reduce  the 
monthly  cost  of  wide-area  links  and  extend 
the  maximum  distance  between  Fibre 
Channel  sites. 

FCIP  transports  Fibre  Channel  data  by 
creating  a  tunnel  between  two  endpoints 
in  an  IP  network.  Frames  are  encapsulat¬ 
ed  into  TCP/IP  at  the  sending  end.  At  the 
receiving  end,  the  IP  wrapper  is  removed 
and  native  Fibre  Channel  frames  are 
delivered  to  the  destination  fabric.  This 
technique  is  commonly  referred  to  as 
tunneling,  and  has  historically  been  used 
with  non-IP  protocols  such  as  AppleTalk 
and  SNA. 

The  technology  is  implemented  using 
FCIP  gateways,  which  typically  attach  to 
each  local  SAN  through  an  expansion- 
port  connection  to  a  Fibre  Channel 
switch.  All  storage  traffic  destined  for  the 
remote  site  goes  through  the  common 
tunnel.  The  Fibre  Channel  switch  at  the 
receiving  end  is  responsible  for  directing 
each  frame  to  its  appropriate  Fibre 
Channel  end  device. 

Multiple  storage  conversations  can  con¬ 
currently  travel  through  the  FCIP  tunnel, 
although  there  is  no  differentiation  be¬ 
tween  conversations  in  the  tunnel.  From 
the  standpoint  of  the  IP  network,  the  FCIP 
tunnel  is  opaque. 

An  IP  network  management  tool  could 
view  the  gateways  on  either  side  of  the 


■  HOW  IT  WORKS 


Fibre  Channel  over  IP 

With  FCIP,  Fibre  Channel  storage  data  is  wrapped  in 
TCP/IP  for  transport  that  can  extend  over  miles. 
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O  A  Fibre  Channel  server  writes  data  to  its  local  RAID  in  New  York. 

©  Replication  software  on  the  RAID  sends  a  copy  to  another  disk  in  New  Jersey  for  disaster  recovery. 
©  The  Fibre  Channel  switch  sends  the  data  to  the  FCIP  gateway,  which  wraps  the  Fibre  Channel  frames 
in  TC/IP. 

O  The  FCIP  gateway  in  New  Jersey  strips  off  the  TCP/IP  wrapper  and  sends  native  Fibre  Channel  frames 
to  the  local  Fibre  Channel  switch. 

©  The  local  Fibre  Channel  switch  forwards  the  data  to  the  New  Jersey  RAID  array. 


tunnel,  but  can’t  zero  in  on  the  individual 
Fibre  Channel  transactions  moving  with¬ 
in  the  tunnel.  The  tools  would  thus  view 
two  FCIP  gateways  on  either  side  of  the 
tunnel,  but  the  traffic  between  them 
would  appear  to  be  between  a  single 
source  and  destination,  not  between  mul¬ 
tiple  storage  hosts  and  targets. 

Connecting  Fibre  Channel  switches  cre¬ 
ates  a  single  Fibre  Channel  fabric  analo¬ 
gous  to  bridged  LANs  or  other  Layer  2 
networks.This  means  that  connecting  two 


remote  sites  with  FCIP  gateways  creates 
one  Fibre  Channel  fabric  that  can  extend 
over  miles.  This  preserves  Fibre  Channel 
fabric  behavior  between  remote  loca¬ 
tions  but  could  leave  the  bridged  fabric 
vulnerable  to  fabric  reconfigurations  or 
excessive  fabric-based  broadcasts. 

FCIP  gateways  are  commonly  sold  in 
pairs  for  each  tunneled  link.  Connecting 
Site  A  to  Site  B,  for  example,  would 
require  one  pair,  while  connecting  Site  A 
to  Site  C  would  require  an  additional  pair 


of  gateways.  FCIP  is  more  suitable  for 
point-to-point  connections  than  multi¬ 
point  connections. 

Because  FCIP  simply  wraps  and  unwraps 
Fibre  Channel  frames  in  IP  there  are  few 
ways  for  vendors  to  distinguish  their  gate¬ 
ways.  Some  manufacturers  therefore  are 
reducing  FCIP  functionality  to  a  blade  that 
inserts  into  a  Fibre  Channel  switch. 

Another  proposed  IETF  standard,  Internet 
Fibre  Channel  Protocol  (iFCP),  uses  the 
same  Fibre  Channel  frame  encapsulation 
scheme  as  FCIP  However,  iFCP  is  a  more 
complex  protocol  that  was  designed  to 
overcome  the  potential  vulnerabilities  of 
stretched  fabrics,  enable  multi-point 
deployments  and  provide  native  IP 
addressing  to  individual  Fibre  Channel 
transactions. 

For  management,  FCIP  uses  Service 
Locator  Protocol  (SLP)  to  identify  FCIP 
gateways  in  the  IP  network.  With  relatively 
few  FCIP  gateways,  SLP  offers  a  suitable 
look-up  table  mechanism.  ISCSI  and  iFCP 
can  use  SLPbut  for  more  complex  environ¬ 
ments,  the  Internet  Storage  Name  Server 
(iSNS)  is  preferred.  FCIP  gateways  do  not 
support  iSNS. 

For  security,  IP  Security  (IPSec)  provides 
authentication,  encryption  and  data  in¬ 
tegrity.  FCIP  also  uses  IPSecs  automatic 
key-management  protocol,  Internet  Key 
Management,  for  handling  the  creation 
and  management  of  security  keys. 

The  FCIP  standard  is  expected  to  be  final¬ 
ized  within  a  year. 

Clark  is  director  of  technical  marketing 
and  Nishan  Systems  and  author  of  IP 
SANs  and  Designing  Storage  Area 
Networks.  He  can  be  reached  at  tclark@ 
nishansystems.  com. 


Dr.  Internet  By  Steve  Blass 

I  installed  a  personal  digital  certificate  under  my 
email  client  I  can  digitally  sign  my  e-mail  but  can¬ 
not  encrypt  messages  I  send  unless  I  have  a  copy 
of  the  recipient's  digital  certificate.  Why  won't  my 
system  encrypt  my  email  with  my  key  unless  it 
has  a  copy  of  the  recipient's  digital  certificate? 

Your  system  doesn’t  use  your  key  to  encrypt 
e-mail  you  send,  it  uses  the  recipient’s  public  key.  A 
digital  certificate  has  two  keys,  one  public  and  one 


private.  Messages  encrypted  with  one  key  can 
only  be  decrypted  by  the  other.  When  you  digitally 
sign  e-mail,  your  system  calculates  a  message 
digest,  which  is  like  a  checksum,  and  encrypts  the 
result  using  your  private  key.  When  someone 
checks  your  digital  signature  by  decrypting  it  with 
your  public  key  and  finds  that  the  message  check¬ 
sum  matches  the  result  in  the  signature,  they  are 
assured  that  you  actually  sent  the  e-mail.  When 
you  send  an  encrypted  mail  message,  your  system 


retrieves  the  recipient’s  public  key  from  his  digital 
certificate  and  uses  that  to  encrypt  the  message. 
This  means  the  recipient  needs  the  matching  pri¬ 
vate  key  to  decrypt  the  contents.  Signing  the  mail 
only  certifies  that  you  sent  it.  Encrypting  the  mail 
ensures  that  only  the  recipient  can  read  it. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.  internet® 
changeatwork.  com. 


Technology  Update 

Wrapping  up  the  WLAN 
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So  last  week  we  talked  about  getting 
the  wireless  LAN  infrastructure 
ready  for  our  friend’s  conference, 
and  the  next  step  was  to  look  at  what  ser¬ 
vices  needed  to  be  provided. 

We  could  have  linked  our  network  to  the 
Wi-Fi  service  in  the  hotel  we  were  staying 
at,  but  the  conference  management  decid¬ 
ed  that  if  the  attendees  could  send  and 
receive  mail  it  would  distract  them.We  had 
to  agree. When  you  can  handle  your  e-mail 
it  is  hard  not  to  do  so. 

So  we  set  up  our  802.1  la/b/g  network  as 
a  stand-alone  open  net.  We  didn’t  enable 
Wireless  Equivalent  Privacy  because  we 
wanted  to  make  it  easy  for  attendees  to  get 
connected. 

It  would  have  been  nice  to  implement 
something  like  Active  Portal  (details  at 
www.nwfusion,  DocFinder:  6742)  but  time 
was  against  us.  Active  Portal  is  a  set  of  ser¬ 
vices  that  provide  network  identification, 
an  acceptable  use  policy  (AUP),  reverse 
intrusion  detection,  traffic  shaping,  log¬ 


ging  functions,  and  optionally  a  caching 
DNS  server  and  Web  proxy  caching  for  a 
WLAN  setup. 

Active  Fbrtal  redirects  HTTP  traffic  from 
unauthorized  users  to  an  AUP  page.  After 
the  user  agrees  to  the  AUP  he  is  directed  to 
the  Universal  Firewall  Toolkit  interface, 
which  controls  access  to  the  Internet. 
Active  Pbrtal  also  supports  permanent  or 
privileged  users  who  do  not  have  their  Web 
access  redirected  upon  initial  requests. 

The  list  of  features  is  impressive,  not  to 
say  downright  ambitious.  If  any  of  you 
have  tried  this  or  any  similar  subsystem, 
please  let  us  know  your  experiences. 

Open  for  business 

Anyway,  even  though  an  open  WLAN  is 
generally  a  bad  idea,  we  figured  it  was 
unlikely  that  there  would  be  many  hack¬ 
ers  around  and  the  content  was  managed 
easily.  If  we  had  needed  to,  we  could  have 
rebuilt  all  the  data  that  users  had  read/ 
write  access  to  in  a  few  seconds. 

We  set  up  our  Linksys  wireless  access 
point  to  hand  out  network  addresses  via 
DHCP  and  on  our  Linux  server  we  used 
Apache  to  provide  access  to  the  confer¬ 
ence  content.  This  consisted  of  a  home 
page  that  pointed  to  a  detailed  agenda,  a 
page  to  download  the  sponsor’s  and 


speaker’s  handouts  and  presentations, 
and  a  page  of  links  to  the  areas  where  dis¬ 
cussion  groups  could  store  content  if 
they  wished. 

We  considered  running  News  Manager 
or  Document  Manager  from  Interactive- 
tools.com  (details  at  DocFinder:  6743)  so 
results  of  the  group  discussions  could  be 
posted,  but  we  felt  that  would  be  too  dis¬ 
tracting.  If  you  haven’t  seen  these  products 
they  are  terrific  and  an  incredible  value 
(Interactivetools.com  even  includes  free 
installation). 

We  also  ran  Samba  on  the  server  to  pro¬ 
vide  Windows  shares  so  that  attendees 
could  download  presentations  and  hand¬ 
outs.  Setting  up  Samba  is  tricky,  and  the 
Red  Hat  Samba  configuration  utility  is  not 
the  most  comprehensive  tool.  Note  that 
you  can  directly  edit  the  Samba  configu¬ 
ration  files  but  you  will  never  be  able  to 
run  the  configuration  utility  without  the 
risk  of  wiping  out  your  manually  created 
edits  (this  is  a  common  problem  with 
many  Red  Hat  graphical  configuration 
tools). 

If  you  haven’t  taken  a  look  at  Samba,  do 
so  right  now  —  it  is  very  impressive  but 
pretty  complicated  (we  plan  to  write  a 
couple  of  Gearheads  on  Samba  soon). 

So  we  provided  all  attendees  with 
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instructions  on  how  to  access  the  wireless 
network  and  fired  it  up.  How  did  it  go? 
Pretty  well.  Out  of  74  attendees,  33%  used 
the  wireless  network  to  access  the  Web 
server. The  attendees  list  was  downloaded 
by  1 1  people,  and  six  attendees  down¬ 
loaded  everything. 

User  experience 

What  we  found  particularly  interesting 
was  that  not  everyone  with  a  wireless- 
equipped  computer  knew  how  to  con¬ 
nect  to  our  network. The  biggest  problem 
was  the  wireless  access  software  they 
used  didn’t  make  it  easy  It  seems  that  the 
process  of  identifying  and  selecting  ac¬ 
cess  points  and  then  connecting  to  them 
is  too  geeky  for  the  average  non-technical 
user.  If  we  repeat  this  exercise  we’ll  run 
something  such  as  Active  Fbrtal  and  send 
attendees  connection  instructions  before 
the  event. 

On  the  whole  the  exercise  was  fun  and 
quite  instructive.  As  end  users  and  wire¬ 
less  network  management  tools  get  better, 
this  kind  of  infrastructure  will  become  de 
rigueur  at  conferences. 

Get  connected  to  gearhead@gibbs. 
com  and  send  along  your  early  WLAN 
experiences. 


Cool  Too 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Toolless  desktop,  swivelicious  monitor 


It’s  been  a  few  weeks  since  we’ve  been  able  to  test 
some  stuff  here  at  the  Cool  Tools  Test  Zone, so  as  usual 
we’re  falling  behind.  Here’s  a  quick  look  at  two 
products  that  have  graced  our  offices  and 
merit  the  Cool  Tools  label: 


IBM  ThinkCentre  S50 

While  many  companies  have 
gone  the  route  of  giving  work¬ 
ers  notebooks  and  having 
them  connect  via  docking  sta¬ 
tions  when  in  the  office,  there 
are  still  times  when  a  desk¬ 
top  is  needed  Once  you  get 
one,  the  last  thing  you  want  is 
to  be  hassled  when  trying  to 
install  new  hardware, such  as  a 
new  optical  drive,  additional 
memory  or  a  PCI  card. 

IBM  has  solved  this 
problem  with  its  Think- 
Centre  line  of  desk¬ 
tops.  The  company 
sent  us  an  S50  model, 


X 


IBM's  ThinkCentre  S50 
takes  the  hassle  out  of 
hardware  installation. 


which  is  less  than  half  the  size  of  a  normal  desktop. 

It  was  so  small  I  thought  IBM  had  forgotten  to  send 
the  complete  system. 

The  best  part  of  the  S50  is  its  toolless  design  —  if 
you  need  to  open  the  system  to  install  anything  new, 
you  push  two  buttons  on  the  side  and  the  cover  pops 
open.  Other  buttons  let  you  pop  open  the  optical  dri¬ 
ves  for  easy  removal.The  overall  design  is  very  attrac¬ 
tive,  with  options  for  the  desktop  to  stand  on  its  side 
or  flat  with  a  monitor  placed  on  top.  In  addition  to 
the  hardware,  the  S50  includes  IBM’s  Rapid 
Restore  Ultra  software  (for  back-up  and  restore 
purposes),  and  the  System  Migration  Assistant, 

which  transfers  data 
and  settings  to  the 
desktop. 

The  ThinkCentre 
S50  offers  speeds  up 
to  3.06  GHz  with  a 
Pentium  4  processor 
(ours  was  a  2.8-GHz 
processor),  up  to 
2.06G  bytes  of  RAM 
and  up  to  an  80G-byte 
hard  drive.  The  Think¬ 
Centre  S  series  starts  at 
$739.  Go  to  www.nw 
fusion.com,  DocFinder: 
6735,  for  more  details. 


HP  LI  925  monitor 

Ever  since  we  had  to 
send  back  the  30-inch 
wide-screen  flat  panel  mon¬ 


itor  from  NEC-Mitsubishi, 
our  office  has  been  miss¬ 
ing  something.  HP  tried  to 
make  me  feel  a  bit  better 
by  sending  a  flat-panel  of 
its  own,  the  L1925.  At  19 
inches,  the  monitor  is 
smaller  than  the  wide-screen 
model,  but  at  least  1  have  some 
desk  space  back. 

The  L1925  has  two  things  that  make  it  cool.  First,  the 
back  of  the  monitor  has  a  height-adjustable  base,  which 
lets  you  move  the  monitor  up  or  down  for  better  viewing. 
The  monitor  also  can  swivel  forward  or  back. The  height 
adjustment  was  very  smooth  to  operate  —  it  was  similar 
to  the  way  you  adjust  an  office  chair. 

The  second  cool  thing  about  the  LI 925  is  the  monitor’s 
ability  to  pivot  90  degrees,  to  create  either  a  landscape  or 
portrait-sized  monitor. The  monitor  includes  PivotPro  soft¬ 
ware  from  Pbrtrait  Displays  that  lets  you  rotate  the  screen 
in  case  you  want  to  work  on  documents  in  a  vertical  set¬ 
ting.  The  monitor  supports  resolutions  up  to  1,280  by 
1,024  pixels,  and  up  to  a  500:1  contrast  ratio. 

We  had  one  small  issue  with  the  monitor  —  it  seemed 
to  flicker  after  we  made  height  adjustments.  It  turned  out 
that  our  monitor  connection  wasn’t  tight  enough,  even 
though  we  thought  it  was. 

The  L1925  starts  at  $689.Go  to  the  HP  Web  site  for  details. 


Shaw  can  be  reached  at  kshaw@nww.com. 
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CoAA  ATT  Are  companies  responsible 
idUcHII  I  for  their  CRM  failures? 

Two  experts  debate  whether  vendors  or  buyers  bear  the  most  blame  for  CRM  mishaps. 


Yes,  by  Chris  Selland 

Mention  CRM  these  days  and  the  most  common  response  you’ll  receive  will 
have  something  to  do  with  failure  —  usually  because  of  some  fault  of  the 
vendor.  But  blaming  vendors  for  CRM  failures  is  simplistic  and  incomplete. 
Much  of  the  accountability  resides  with  the  users  of  CRM  technology. 
That’s  right  —  it’s  your  fault. 

More  often  it’s  a  failure  of  planning,  and  a  lack  of  specificity  that  dooms  CRM  initiatives. 
Successful  CRM  is  about  putting  strategy  before  software.  So  before  you  embark  on  your 
CRM  journey  (or  if  you’re  stuck  somewhere  along  the  path),  consider  the  following  com¬ 
mon  mistakes: 

•  Goals  are  too  broad.  All  too  often  a  CRM  initiative  within  a  company  is  a  “boil  the 
ocean”  exercise  involving  everything  that  must  be  done  to  get  to  a  customer-centric  nir¬ 
vana.  Nothing  wrong  with  having  vision,  but  the  tactical  steps  necessary  to  begin  traveling 
the  path  toward  that  vision  are  often  missing. 

•  Strategies  are  too  generic.  CRM  strategies  must  be  business-specific.The  CRM  industry 
—  analysts  and  consultants  as  well  as  vendors  —  have  been  telling  us  that  every  company 
can  use  technology  the  same  way  to  gain  the  same  results.  Nothing  could  be  further  from 
the  truth. 

•  Implementations  are  too  software-centric. Technology  can  and  should  play  a  role  in 
enhancing  customer  relationships  —  but  a  supporting  role,  not  a  leading  one.  Of  course, 
with  IT  analysts,  consultants  and  vendors  leading  the  charge,  it’s  not  surprising  that  the 
market’s  message  has  been  “software  first,”  but  that  thinking  does  everyone  a  disservice. 

•  The  term  CRM  is  backwards.  Who  should  be  managing  your  relationships  with  cus¬ 
tomers:  you  or  the  customers?  When  you  think  things  through, you’ll  find  it’s  the  latter.Stop 
trying  to  manage  the  customer  relationship  and  let  the  customer  do  it.  Learning  how  to 
effectively  respond  to  their  needs  and  demands  is  ultimately  what  will  drive  success. 

Ignore  the  analysts  and  pundits  trying  to  scare  you  away  from  CRM  with  their  failure  sta- 
tistics.The  question  is  not  whether  to  get  involved  with  CRM,  but  how.Specificallythe  ques¬ 
tion  is:  How  do  you  turn  your  general  desire  to  enhance  customer  relationships  into  an 
action  plan?  How  do  you  take  your  organization  from  “We  want  happier  customers”  to  “We 
have  a  plan  to  reduce  customer  service  costs  by  40%  by  moving  60%  of  our 
incoming  requests  to  self-service  while  improving  our  first-call  resolution  rates 
by  25%"? 

You  can’t  implement  software  to  fix  a  problem  if  you  don’t  have  a  good 
handle  on  what  the  problem  is  and  a  specific  plan  to  fix  it.  Before  you  go 
blaming  the  software  vendor  —  or  before  you  even  think  about  software  — 
figure  out  what  you  want  to  do  and  why  you  want  to  do  it.  With  such  a  business- 
first  mindset, the  technology  decisions  become  straightforward  and  obvious, and 
the  path  to  success  much  more  clear. 

Selland  is  managing  director  of  Reservoir  Partners,  an  end  user- 
focused  relationship  management  research  and  consulting  firm  in 
Cambridge,  Mass.  He  can  be  reached  at  cselland@reservoir 
partners.com. 


No,  by  Dror  Pockard 

Vendors  —  not  customers  —  are  ultimately  responsible  for  CRM  failures.There 
was  so  much  hype  around  the  technology  in  the  late  1990s  that  it  was  almost 
impossible  to  meet  inflated  customer  expectations.  CRM  providers  must  take 
responsibility  for  making  ambitious  promises  that  were  simply  impossible 
to  keep. 

Exacerbating  the  situation  is  the  confusion  between  CRM  and  sales  force  automation 
(SFA).CRM  and  SFA  are  categories  that  have  been  wrongly  lumped  together. While  SFA  is 
designed  to  equip  a  sales  force  to  close  deals,  it  does  not  influence  customer  retention, 
an  element  that  goes  to  the  heart  of  the  CRM  agenda.  SFA  is  about  acquiring  new  cus¬ 
tomers,  whereas  CRM  is  concerned  with  identifying,  servicing,  retaining  and  increasing 
profitable  customer  relationships. 

This  confusion  has  serious  financial  consequences.  A  successful  CRM  implementation 
maximizes  profitable  customer  relationships  and  increases  loyalty  by  transforming  the 
contact  center  from  a  resource  drain  to  a  profit  center.  Many  vendors  ignore  this  important 
aspect  of  maintaining  and  growing  customer  relationships  when  selling  CRM  software.  But 
the  multi-channel  contact  center  represents  a  major  opportunity  for  extensive  reduction  of 
costs  and  increase  in  profits.  In  the  contact  center,  vendors  must  provide  clear  action  items 
for  agents  based  on  customer  insights  to  achieve  high  productivity 
Another  concern  is  that  many  CRM  vendors  simply  throw  technology  at  customers’ 
problems  and  walk  away.  Instead,  vendors  must  use  a  combination  of  in-depth  vertical 
knowledge,  a  sophisticated  professional  services  team  and  industry-leading  software  to 
develop  solutions  that  work.  And  vendors  must  commit  to  customer  satisfaction  with  any 
CRM  implementation  —  even  assuming  some  of  the  responsibility 
Companies  always  will  look  for  ways  to  make  customer  relationships  as  efficient  and 
profitable  as  possible.  It’s  not  about  ERR  SFA  or  CRM  —  it’s  about  a  different  approach 
to  the  market,  and  customers  are  demanding  it.Vendors  must  show  commitment  by  see¬ 
ing  implementations  through  from  inception  to  ongoing  ROl  calculations. 

One  of  the  greatest  challenges  companies  face  in  this  context  is  the  increasingly  sophis¬ 
ticated  and  complex  task  of  integrating  and  automating  business  processes.  Linking  these 
systems  and  automating  the  end-to-end  processes  that  touch  customers,  employ¬ 
ees  and  external  systems  is  one  area  in  which  businesses  find  the  value  of 
CRM  investments.  What  this  all  boils  down  to  is  that  vendors  are  responsible 
for  helping  customers  achieve  a  fully  integrated  enterprise  network  and 
solid  business  results  from  their  CRM  implementations. 

While  it  is  currently  popular  to  highlight  cases  where  CRM  has  failed,  the 
most  important  aspect  of  fulfilling  the  promise  of  CRM  lies  with  the  vendor, 
not  with  the  customer.  A  higher  level  of  vendor  commitment  is  the  missing 
ingredient. 

Fbckard  is  president  of  the  ClarifyCRM  division  of  Amdocs  - 
billing  and  CRM  software  vendor  in  San  Jose.  He  can  be  reached  at 
drorpo@amdocs.  com. 


More  online! 

Log  on  to  Network  World  Fusion  to  voice  your  opinion. 
Face-off  authors  Chris  Selland  and  Dror  Pockard  will 
add  their  thoughts  to  the  discussion. 
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EDITORIAL 

John  Dix 

Reserving 
judgment  on 
IDS  death 

Gartner  has  created  something  of  a  flap  with  a 

string  of  reports  saying  intrusion-detection  systems 
haven’t  lived  up  to  their  promises  and  will  be 
eclipsed  by  intrusion-prevention  tools. 

The  latest  indictment  was  issued  last  month,  a  report 
called  “Intrusion  Detection  is  Dead  —  Long  Live 
Intrusion  Prevention,”  by  Richard  Stiennon.vice  president 
of  research.  Gartner  has,  in  fact,  been  banging  this  drum 
for  a  while.  Last  August  the  company  recommended 
delaying  investments  in  IDSs  until  better  options 
emerged. 

Network  World  also  was  urging  caution  at  the  time.  In  a 
test  of  eight  IDS  products  in  a  production  network  we 
concluded:“All  ask  too  much  of  their  users  in  terms  of 
time  and  expertise  to  be  described  as  security  must- 
haves.”  (We  have  another  test  running  now  and  will 
report  the  results  in  the  fall.) 

But  we  didn’t  go  as  far  as  to  conclude  that  IDS  doesn’t 
have  a  future,  which  is  the  Gartner  theme  that  is  gnawing 
at  some  security  mavens.  Gartner  essentially  is  saying 
that,  given  the  documented  problems  with  detection  sys¬ 
tems,  you’re  better  off  spending  your  money  on  other 
tools  such  as  advanced  firewalls  and  application  security. 

But  some  insiders  don’t  add  it  up  the  way  Gartner 
does.  Network  World  Test  Alliance  member  Joel  Snyder, 
a  senior  partner  at  Opus  One  in  Tucson,  agrees  that 
intrusion  prevention  is  a  technology,  not  a  product,  and 
he  also  expects  to  see  it  show  up  in  devices  such  as 
firewalls  and  switches  (see  www.nwfusion.com, 

Doc  Finder:  6752). 

But  he  and  others  argue  that  if  IDS  makers  can  over¬ 
come  problems  such  as  false  positives,  there  will  be 
room  in  a  layered  defense  for  IDS  because  its  role  is 
different  from  other  security  components.  As  one  per¬ 
son  in  our  forum  (see  DocFinder:  6753)  on  the  topic 
pointed  out,  instead  of  sitting  inline,  IDS  systems  are 
out  of  band  and  watch  the  network  for  signs  of  attack 
or  misuse.  Even  with  all  our  other  safeguards,  some 
stuff  always  gets  through,  and  IDS  systems  represent  the 
final  safety  net. 

But  Stiennon  counters  that  there  is  no  guarantee  that 
IDS  vs  ill  pick  up  that  activity.“You’re  better  off  spending 
you!'  money  on  other  things,  like  application  security  You 
don't  need  to  sniff  packets.” 

IDS  dearly  still  has  to  prove  its  worth,  but  we’ll  reserve 
jucgmer f  until  we  get  the  readings  from  our  current  test. 
After  ali  hs  vendors  have  had  a  year  to  address  the  early 
criticisms. These  test  results  might  prove  to  be  sink  or 
swim  for  the  IDS  community. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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Spam  scam 

Regarding  Mark  Gibbs’  Backspin  column  “Beating 
online  burning”  (www.nwfusion.com,  DocFinder: 
6730),  in  which  he  discusses  the  Nigerian  letter 
fraud:  There  is  a  new  Nigerian  scam  making  the 
rounds,  this  time  targeting  people  who  are  selling 
big-ticket  items  over  the  Internet.  I  first  heard  about 
this  on  the  rec.games.pinball  newsgroup;  sellers  of 
pinball  machines  have  been  targets  of  the  scam. 
The  way  it  works  is  you  advertise  a  pinball  machine 
for  sale  for,  say  $3,000.  The  scammer  writes  to  you 
and  tells  you  that  a  friend  in  the  U.S.  owes  him 
$5,000,  so  the  friend  is  going  to  send  you  a  cashier’s 
check  for  that  amount,  and  would  you  please  send 
the  scammer  the  pinball  machine  and  wire  the 
scammer  the  $2,000  difference.  Problem  is,  the 
cashier’s  check  is  counterfeit.  The  bank  will  credit 
your  account  for  $5,000  in  a  couple  of  days,  but 
then  a  week  or  two  later,  the  bank  gets  the  check 
back  and  freezes  your  account  for  the  missing 
$5,000.  And  you  are  already  out  the  $2,000  that  you 
wired  to  the  “purchaser.”  There  is  a  Web  page  about 
this  scam  at  DocFinder:  6731. 

Jim  McCullars 

Huntsville, Ala. 

Quality,  not  quantity 

Regarding  “Patch  mgmt.  mess  gets  Microsoft’s  atten¬ 
tion”  (DocFinder:  6732):  While  I  was  intrigued  to 
hear  Microsoft’s  chief  security  strategist,  Scott 
Charney,  admit  that  “Patch  management  is  broken,” 
the  story  dwells  on  the  number  of  tools,  with  no 
information  on  particular  tools.  This  is  like  telling  a 
carpenter: “Your  problem  is  that  you  have  too  many 
tools,  so  I  got  rid  of  most  of  them.  Now  your  toolbox 
is  lighter. Isn’t  that  great?”Streamlining  can  be  a  good 
thing,  but  what  1  really  want  to  hear  about  are 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  aerification. 


changes  in  functionality,  operation  and  manageabil¬ 
ity  regardless  of  the  number  of  tools  left  when  the 
dust  settles. 

Jim  Becker 
Lead  systems  engineer 
The  Urban  Institute 
Washington,  D.C. 

Love  that  LAN  feel 

Regarding  Joel  Snyder’s  column  “SSL  VPNs  won’t 
save  the  world”  (DocFinder:  6733):  1  agree  that 
Secure  Sockets  Layer  (SSL)  VPNs  have  their  sweet 
spot  for  remote  access  and  extranets  using  a  hand¬ 
ful  of  applications.  However,  the  applications  must 
be  able  to  interface  with  Web-based  protocols  at  the 
upper  layer  of  the  IP  stack.  Even  then,  the  front  end 
looks  and  functions  a  bit  differently  than  what  we 
are  used  to  in  the  LAN.Take  Outlook,  for  example.  It’s 
nice  that  I  can  get  to  Outlook  from  a  Web  browser, 
but  the  look  and  functionality  is  different. 

Given  the  choice,  I  would  rather  be  on  the  LAN. 
That  is  what  I  get  with  my  IP  Security  (IPSec)  VPN 
connection.  Granted,  I  need  a  secure  client  on  my 
PC,  but  I  get  the  look  and  feel  of  the  corporate  LAN. 
At  Qwest,  we  offer  customers  connectivity  through  a 
network-based  IPSec  VPN  as  well  as  premises-based. 
With  network-based  VPNs,  customers  only  need  an 
IP  router  to  connect  to  their  VPN  to  enjoy  the  same 
features  and  functionality  as  if  directly  connected 
through  frame  relay  or  the  like.  The  router  doesn’t 
even  run  the  VPN  software,  keeping  the  installation 
and  maintenance  simple.  The  endpoints  are  fully 
meshed  in  the  cloud,  and  customers  can  choose  to 
allow  some  or  all  sites  split-tunnel  access  to  the 
Internet,  as  well  as  customized  firewall  policies  for 
extranet  access.  I  think  that  both  IPSec  and  SSL  VPNs 
have  their  place  in  the  network. 

Ronald  Subers 
Sales  engineer,  Mid-Atlantic  Region 
*  Qwest 

Philadelphia 
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PACKET  EVANGELIST 

Steven  Taylor 

The  worldwide  information  infrastructure 
is  growing  and  improving  by  leaps  and 
bounds,  while  our  ability  to  support  this 
infrastructure  is  crumbling  around  us.  That’s 
because  budgets  for  professional  develop¬ 
ment  —  training  —  have  been  cut  to  the  point 
where  many  professionals  must  learn  about 
technologies  on  their  own,  with  no  corporate  support. 

In  a  recent  informal  poll  of  the  Webtorials  community,  1  asked  these 
network  professionals  about  their  attitudes  toward  professional  con¬ 
ferences.  Not  surprisingly,  the  two  biggest  impediments  to  on-site 
training  were  lack  of  available  training  and  travel  budgets. 

But  1  was  shocked  by  some  of  the  responses.  For  instance,  when 
asked  about  funding  for  conferences,  only  slightly  more  than  half 
(55%)  indicated  that  their  companies  would  pay  for  the  training,  17% 
said  the  expenses  would  be  shared,  and  a  whopping  28%  said  they 
would  have  to  pay  personally. When  asked  about  taking  time  for  con¬ 
ferences,  the  results  got  even  worse.  Only  57%  would  be  attending  on 
company  time,  34%  would  have  to  attend  on  personal  or  vacation 
time  and  the  remaining  9%  would  have  to  use  a  combination. 

And  this  problem  is  widespread.  As  a  part  of  Webtorials’  partnership 
with  the  MPLScon  conference,  we  offered  a  full  conference  pass  to 
the  two  individuals  who  could  convince  us  that  they  were  most 
deserving.  One  winner  was  in  a  governmental  organization  that  had 
been  awarded  a  large  capital  budget  for  new  equipment, but  no  train¬ 
ing  budget.  The  other  was  a  university  faculty  member  who  is  work¬ 
ing  with  continuing  education  students.  A  truly  appalling  aspect  of 


Return  training  to  the  budget 


this  offer  was  the  number  of  requests  we  received  from  companies 
that  should  be  training  their  employees,  such  as  major  service 
providers  and  equipment  manufacturers. 

Another  disturbing  factor  is  that  these  professionals  are  the  brain  trust 
for  the  next  level  of  network  development.  When  the  Webtorials  poll 
asked  about  their  purchasing  authority  more  than  two-thirds  indicated 
that  they  had  “recommender”  authority  Where  will  we  be  in  three  to  five 
years  if  these  key  individuals  don’t  get  adequate  resources  for  doing 
their  jobs  intelligently? 

To  a  certain  extent,  training  issues  can  be  addressed  with  on-demand 
papers  and  tutorials.  But  online  training  is  only  a  part  of  the  picture.  I’ll 
do  my  part:  I’m  committed  to  helping  with  the  on-demand  part  at 
Webtorials,  and  I’ve  been  crafting  agreements  with  major  conferences 
such  as  MPLScon  and  ComNet  to  help  with  the  live  portion.  Now  I’m 
asking  you,  if  you  have  any  semblance  of  budgetary  authority  to  do 
yours.  Corporations  must  return  training  to  the  corporate  IT  budgets. 
And  service  and  equipment  providers  need  to  step  up  the  road-show 
portion  of  their  marketing  —  concentrating  on  the  smaller  metropoli¬ 
tan  areas  in  addition  to  the  “NFL  cities.” 

Ultimately,  real-time  experiences  —  including  road  shows  and  con¬ 
ferences  —  must  regain  at  least  a  part  of  their  former  role  in  the  over¬ 
all  training  picture.  Otherwise,  we’ll  have  the  technology  but  no  one 
to  run  the  network. 


Not  surprisingly, 
the  two  biggest 
impediments  to 
on-site  training 
were  lack  of 
available  training 
and  travel 
budgets. 


Taylor  is  president  of  Distributed  Networking  Associates  and  editor/ 
publisher  ofWebtorials.com.  He  can  be  reached  at  taylor@webtorials. 
com. 


TELECOM  ANALYST 

Daniel  Briere 

We’re  hearing  a  steady  hum  across 
the  industry  as  the  market  begins  to 
recover  a  little, some  forward  visibility 
starts  to  creep  in,  and  things,  well  . . .  pick  up, 
albeit  in  some  slow-growth  ways. 

However,  we’re  also  hearing  something  else: 
a  cry  for  help  in  the  form  of  simplicity  Let’s 
face  it,  not  many  people  have  time  on  their  hands  these  days.There  are 
fewer  people  in  the  offices  to  do  the  same  amount  of  work. There  are 
old  processes  to  be  thrown  out,  relics  from  a  bygone  era.  There  is  less 
patience  with  wasting  time  —  or  money.  Everyone  is  trying  to  simplify, 
simplify,  simplify 

The  problem  is  that  so  much  of  the  industry  is  still  relatively  geared 
for  a  hugely  competitive  market  that  assumes  lots  of  competitors,  lots  of 
products,  and  many  nooks  and  crannies  in  which  to  differentiate  one¬ 
self.  We’ve  said  time  and  again,  “One  product  or  company  does  not 
make  a  category?’  and  yet  companies  are  finding  that  competitors  are 
getting  swallowed  up  or  going  out  of  business.  Macro  categories  are 
starting  to  develop  where  too  much  differentiation  probably  took 
place,  and  companies  are  trying  to  reposition  into  the  next  higher  cat¬ 
egories,  where  there  are  more  competitors.This  is  true  for  telecom  play¬ 
ers  as  well  as  their  clients  —  now  is  a  good  time  to  re-evaluate  whether 
the  positioning  you  pursued  is  too“niche-y”for  today’s  market. 

The  same  is  true  of  services.  A  lot  of  pricing  plans  and  service  defi¬ 
nitions  were  the  product  of  the  super-competitive  days  when  you 
needed  lots  of  flexible  products  geared  toward  lots  of  microsegments 
—  because  there  were  competitors  in  all  areas  of  the  market.The  lack 
of  capital  and  competitors’  demise  has  reduced  this  somewhat,  and 
we’re  seeing  a  return  to  simplicity  in  product  lines.  Much  more 
bundling,  and  much  simpler  pricing. 

This  is  necessary  to  get  people  to  buy  faster  —  the  more  complex 
something  is,  the  longer  it  takes  to  evaluate  it. 

A  good  example  of  a  company  trying  to  simplify  is  SBC  Communi¬ 


Needed:  A  return  to  simplicity 


cations,  which  has  launched  all-in-one  packages  for  business,  such  as 
Business  Unlimited.  I  applaud  this  move  in  one  sense  —  it  brings  sim¬ 
plicity  to  the  buying  decision  and  makes  it  easy  to  purchase  something 
relatively  fast.  In  another  sense,  I’m  leery  of  the  long-term  competitive¬ 
ness  of  the  telephone  companies’  combined  offerings,  because  the  ele¬ 
ments  are  largely  generic  options  such  as  local  service,  long-distance, 
voice  mail  and  call  waiting  —  functions  that  are  easily  handled  via  cell 
phones  or  through  unbundled  network  element-platform  offerings. 
Bundling  is  not  going  to  stem  price  competition. 

Still,  that’s  not  the  biggest  issue  I  have.  Where  SBC  falls  down  is  that 
deciding  how  to  buy  services  from  the  darn  company  is  still  too  com¬ 
plex.  I’m  in  SNET  territory  and  I  was  looking  for  SBC’s  Business  Un¬ 
limited  Service  (announced  in  California)  on  the  SBC  Web  site  to  see 
if  1  could  get  it  in  Connecticut.  It  soon  became  obvious  I  could  not;  a 
search  of  the  Connecticut  site  found  no  hits  on  Business  Unlimited. 
However,  there  was  an  option  for  SBC  Connections  for  Business,  which 
quickly  reverted  to  a  listing  of  internal  product  codes  that  even  SBC  did 
not  try  to  expand  on;  the  site  merely  told  visitors  to  call  SBC  to  figure 
out  what  was  best  for  them.  How  lame.  I  found  what  I  was  looking  for, 
simply,  on  MCI’s  Web  site. 

That  tells  you  something.  If  there  is  one  thing  I  am  hopeful  for  with  the 
rebranding  of  MCI,  it  is  a  return  to  the  simplicity  and  innovation  that 
MCI  had  in  its  early  years.  At  one  time,  MCI  told  you, “Be  our  customer 
and  we’ll  always  guarantee  you're  on  the  best  plan  we  offer,  so  you 
don’t  have  to  worry  about  switching  plans,  ever’  I  loved  that. 

I  don’t  have  time  to  shop  around.  My  clients  don’t,  either.  Neither  do 
your  customers.  Now’s  the  time  to  look  at  the  product  lines  and  ask 
whether  they  really  need  to  be  that  complex,  or  that  niche-oriented,  or 
that  specialized.  If  you  find  yourself  getting  sick  of  all  the  brand  names 
in  your  product  lines, your  customers  could  be  sick  of  it,  too. 


Macro  categories 
are  starting  to 
develop  where  too 
much  differentia¬ 
tion  probably  took 
place . . . 


Briere  is  CEO  ofTeleChoice,  a  market  strategy  consultancy  for  the  tele¬ 
com  industry.  He  can  be  reached  at  telecomcatalyst@telechoice.  com. 
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ACCESS  CONTROL  DOESN’T  HAVE  TO  BE  A  THROUGHPUT  KILLER 

Filters  on  routers:  The  price  of  performance 
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At  the  other  end  of  the  spectrum  is 
Cisco’s  265 1  router.  It  put  up  respectable 
baseline  numbers,  but  performance 
plummeted  once  we  added  filtering.This 
is  hardly  a  surprise:The  2651  is  based  on 
a  single  CPU  and  a  scant  64M  bytes  of 
memory.  Although  we  upgraded  the  2651 
to  its  maximum  of  128M  bytes  of  RAM, its 
aging  design  is  no  match  for  other 
routers  in  this  test.  All  others  use  256M 
bytes  of  RAM,  and  most  use  custom  sili¬ 
con  such  as  network  processors  or  field- 
programmable  gate  arrays  to  boot. 

Cisco  declined  to  participate  in  this 
review,  saying  users  are  interested  in 
issues  other  than  performance.  Given 
Cisco’s  dominant  market  share,  we  pur¬ 
chased  Cisco  2651  routers  for  inclusion 
in  this  review.  We  also  shared  our 
methodology  with  Cisco,  notified  the 
company  of  our  plans,  upgraded  the 
routers’  memory  to  be  able  to  complete 
some  tests  and,  as  with  all  other  test  par¬ 
ticipants,  informed  Cisco  of  its  product’s 
results  before  publication. 

Companies  use  filters  on  access 
routers  for  all  sorts  of  reasons:  To  keep 
unauthorized  users  or  applications  out, 
to  track  usage  of  authorized  applications 
and  to  restrict  access  to  the  router.  (See 
Internet  Engineering  Task  Force  Guide¬ 
lines  at  www.nwfusion.com,  DocFinder: 
6724,  and  “Filtering  Dos  and  Don’ts,” 
Page  36.) 

Getting  the  numbers 

We  measured  the  performance  effect 
of  filtering  with  three  metrics:  through¬ 
put,  average  latency  and  maximum 
latency  (see  How  we  did  it,  DocFinder: 
6726).  To  determine  routers’  ability  to 
recover  from  failure,  we  also  measured 
reboot  times  under  load  for  each 
device. 

Our  test  setup  consisted  of  a  pair  of 
identical  routers  connected  by  two  T-l 
interfaces  using  crossover  cables  (see 
test  diagram,  DocFinder:  6727).  The 
product  configurations  —  routers  with 
two  T-ls  and  two  Ethernet  interfaces  — 


■  BY  DAVID  NEWMAN,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

Setting  filters  on  routers  might  be  mandatory  for  access  control  and  usage 
tracking,  but  suffering  a  performance  hit  is  strictly  optional. 

We  took  six  access  routers  from  five  vendors  and  loaded  the  devices  with 
progressively  larger  numbers  of  filters  and  routes.  Routers  from 
ImageStream,  Lucent,  Riverstone  and  Tasman  didn’t  break  a  sweat,  delivering  essen¬ 
tially  the  same  latency  and  throughput  with  hundreds  of  filters  and  large  routing 
tables  as  they  did  with  bare-bones  configurations. 


are  arguably  the  most  commonly  found 
devices  in  any  corporation’s  routing 
setup. 

To  determine  the  performance  impact 
of  filtering  on  this  class  of  device,  we 
began  with  a  baseline  case  of  no  filters 
and  no  routing,  and  then  added  ever- 
larger  numbers  of  filtering  and  routing 
conditions. 

In  the  filtering  cases,  we  asked  vendors 
to  configure  one  router  with  filters  cov¬ 
ering  multiple  conditions:  source  and 
destination  IP  address;  protocol  num¬ 
ber;  and  TCP  or  User  Datagram  Protocol 
(UDP)  port  number.  We  asked  vendors 
to  set  their  last  filter  as  the  one  we’d  use 
for  test  traffic,  forcing  the  routers  to  cycle 
through  their  entire  filter  list.  Vendors 
also  enabled  logging, so  we’d  know  how 
many  packets  “hit”  each  filter.  Tests  were 
run  with  eight,  16,64  and  256  unique  fil¬ 
ters  applied. 

In  the  routing  test  cases,  we  asked  ven¬ 
dors  not  only  to  apply  various  numbers 
of  filters  but  also  to  enable  two  routing 
protocols  —  Border  Gateway  Protocol 
(BGP)  and  Open  Shortest  Path  First 
(OSPF). 


We  ran  through  the  various  numbers 
of  filters  with  two  routing  scenarios, 
dubbed  “small  tables”  and  “big  tables.”  In 
the  small-table  case,  we  advertised 
reachability  information  for  64  networks 
each  over  BGP  and  OSPF  That’s  the  sort 
of  table  size  a  small  or  midsize  business 
might  run. 

In  the  big-table  case,  we  advertised 
125,000  routes  using  BGP  and  4,096 
using  OSPF  The  first  number  represents 
the  current  size  of  the  Internet  “full 
table”  —  the  total  number  of  networks 
visible  in  the  global  Internet.The  second 
number  represents  about  10%  of  the  size 
of  a  Tier-1  ISP’s  OSPF  Area  0  network  — 
the  core  of  any  OSPF  network. 

Holding  the  full  Internet  table  might 
seem  like  a  lot  to  ask  of  an  access  router. 
However,  a  growing  number  of  corpora¬ 
tions  use  multi-homed  connections  — 
BGP  connections  to  different  ISPs  for 
redundancy  —  and  their  actual  table 
size  might  be  at  least  twice  as  large  as 
the  one  we  used. 

First  things  fast 

When  it  comes  to  throughput,  there’s 


only  one  right  result:  line  rate.  Five  of  the 
six  products  achieved  that  result,  no 
matter  what  the  frame  size,  filter  count 
or  number  of  routes  involved  (see 
graphic,  below). 

This  isn’t  terribly  surprising,  consider¬ 
ing  the  bottleneck  in  our  test  bed  was 
two  T-ls  connecting  the  routers.  In  this 
era,  when  $400  desktop  machines  can 
push  100M  bit/sec  or  more,  the  ability  to 
move  data  at  3M  bit/sec  should  be  a 
given  —  even  when  the  load  consists 
entirely  of  minimum-sized  packets,  and 
the  router  carries  a  large  number  of  fil¬ 
ters  and  large  routing  tables. 

The  exception  in  this  test  was  Cisco’s 
2651.  Like  the  other  routers,  it  moved 
short  packets  at  line  rate,  but  only  in  the 
baseline  case  with  no  filters  or  dynamic 
routing  applied.  Once  those  features 
were  turned  on,  throughput  really  tum¬ 
bled.  At  best,  throughput  was  less  than 


■I  Baseline 

■  8  filters 

■  16  filters 
64  filters 

■  256  filters 

■  Small  routing  tables,  8  filters 

■  Small  routing  tables,  16  filters 

■  Small  routing  tables,  64  filters 

■  Small  routing  tables,  256  filters 

■  Large  routing  tables,  8  filters 

■  Large  routing  tables,  16  fitters 
Large  routing  tables,  64  filters 

■  Large  routing  tables,  256  filters 


Charting  router  throughput  with  64-byte  frames 

In  the  most  stressful  throughput  test,  in  which  we  pushed  64-byte  frames 
through  a  pair  of  access  routers,  five  of  the  six  systems  performed  without 
a  hitch  no  matter  how  many  filters  or  routing  tables  we  threw  at  them. 
But  with  Cisco’s  2651  router,  we  saw  throughput  drop  off  dramatically 
when  we  added  any  combination  of  filters  and  routing  tables. 

Aggregate  throughput  (frames  per  second) 
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; '  "•  Filters  can  pemut-  or  (te/iy  virtually  any  kind  of  traf¬ 
fic'  —  up  to  a  point;  -F^reafe  some  basic  dos  and 
don'ts  for  filter  u§age:-. 

•  Do  prevent  addresg  spoofing  at  the  edge  of  a  com¬ 
pany's  netwQck.  At  minimum,  routers  at  the  edge  of  a 
Company  should  clack  inbound  traffic  with  source  IP 
addresses  dairying  to  be  from  internal  networks. 
Similarly,  the  source  IP  address  of  any  outbound 
•packet  should  only  be  from  an  internal  network. 

>  Do  prevent  bogus  routes.  Some  I P  addresses  should 
never  be  seen  on  the  Internet. These  include  not  only  the 
private  addresses  specified  in  RFC  1918  but  also  those 
networks  designated  as  reserved  by  the  Internet 
Assigned  Numbers  Authority  (IANA)  (see  DocFinders: 
'6721  and  6722).  lANA-reserved  routes,  known  as 
bogons,  change-over  time,  so  it's  a  good  idea  to  keep 
current  on  which  networks  to  block.  One  good  source 
is  the  bogon -announce  mailing  list.  Details,  a  filtering 
FAQ  and  links  to  other  filtering  information  are  avail¬ 
able  on  the  Web  (see  DocFinder:  6723). 

•  Do  block  unwanted  applications.  An  easy  method 
for  stopping  unwanted  traffic  is  simply  to  filter  on  the 
well-known  protocol  and/or  port  numbers  that  a  given 


application,  uses.  For  example,  a  router  could  block 
outbound  telnet  sessions  by  dropping  any  packet  with 
destination  TCP  Port  23.  The  major  caveat  with  this 
technique  is  that  it  does  not  protect  against  rogue 
applications  that  change  port  numbers,  for  example 
by  sending  peer-to-peer  traffic  over  Port  80  (which  is 
reserved  for  Web  traffic). 

•  Do  track  usage:  How  many  times  did  users  visit  a 
given  network?  How  much  bandwidth  did  a  given 
application  consume?  Most  routers'  filters  can  be  set 
to  answer  these  questions  by  logging  the  number  of 
times  a  filter  was  invoked.  In  the  case  of  Cisco’s 
access  lists,  enabling  logging  is  simple:  Just  append 
the  word  "log"  at  the  end  of  the  filtering  conditions. 
Some  other  devices,  such  as  those  from  Enterasys 
Networks  and  Tasman,  automatically  log  by  default. 

•  Do  lighten  the  load.  Our  test  results  and  Cisco 
documentation  agree:  Packet  filtering  can  impose 
several  performance  penalties  on  Cisco  routers.  One 
strategy  that  considerably  reduces  CPU  utilization  is 
to  use  routing  instead  of  filtering.  For  example,  it's 
possible  to  route  traffic  to  or  from  unwanted 
addresses  to  the  nullO  interface. 


•  Do  pay  attention  to  order.  Routers  process  filters 
in  order.  For  every  packet  that  comes  in,  a  router 
checks  the  packet  against  its  first  filter,  its  second  fil¬ 
ter  and  so  on  until  it  finds  a  match,  if  the  first  rule  in 
an  access  control  list  (ACL)  is  to  deny  all  traffic,  the 
router  won’t  forward  any  packets.  It's  a  good  practice 
to  end  an  ACL  with  a  deny-all  filter,  but  be  sure  it's 
preceded  by  filters  that  explicitly  allow  traffic  that 
should  be  permitted. 

•  Don't  forget  about  routing.  As  soon  as  a  single  fil¬ 
ter  is  invoked,  many  routers  automatically  will  block 
traffic  unless  it  is  expressly  permitted.  A  common 
error  when  configuring  ACLs  is  to  omit  filters  that 
permit  routing  traffic  to  pass. 

•  Don't  use  routers  in  place  of  firewalls.  Packet  filters 
block  access,  but  that's  where  the  similarities  to  fire¬ 
walls  end.  As  a  network-layer  device,  a  router  can't 
track  state  on  transport-  or  application-layer  sessions, 
both  critical  requirements  of  a  firewall.  Packet  filtering 
offers  some  security  (and  it’s  certainly  better  than 
nothing),  but  it  won’t  prevent  an  attacker  from  mount 
ing  many  attacks  a  firewall  could  stop. 

—  David  Newman 


30%  of  the  theoretical  maximum  once  fil¬ 
tering  was  activated.  With  routing  and  fil¬ 
tering  set,  throughput  in  some  cases 
dropped  to  just  7%  of  the  two  T-ls’ capacity 

Cisco’s  documentation  warns  that 
access  lists  can  have  an  adverse  effect  on 
performance.These  results  put  numbers  to 
that  warning. 

The  265 l’s  troubles  in  this  test  merit 
two  other  comments.  First,  in  fairness  to 
Cisco  it’s  unlikely  the  company’s  network 
design  consultants  would  recommend 
the  2651  for  any  customer  with  require¬ 
ments  like  ours. Then  again,  Cisco’s  pub¬ 
lic  relations  recommended  we  use  the 
lower-performing  1710  after  reviewing 


our  test  methodology 

Second,  the  2651  is  supplied  with  64M 
bytes  of  RAM,  compared  with  256M  bytes 
for  all  the  other  routers  in  this  review.  With 
just  64M  bytes  of  memory  we  couldn’t 
complete  the  big-routing  test  cases  with 
the  2651, so  we  upgraded  its  RAM  to  128M 
bytes  —  the  most  it  will  hold. 

Of  course,  no  production  network  carries 
a  load  consisting  exclusively  of  64-byte 
frames,  so  we  also  conducted  tests  with 
medium-  and  maximum-length  frames. 
While  some  applications,  such  as  voice 
over  IRconsist  mainly  of  short  frames,  the 
average  frame  length  on  many  IP  net¬ 
works  is  somewhere  in  the  300-byte  range, 


and  many  applications  use  maximum- 
length  frames  to  move  data. We  tested  with 
256-  and  1,518-byte  frames. 

When  handling  256-byte  frames,  the 
Cisco  2651’s  throughput  again  fell  off  from 
line  rate,  but  not  as  badly  as  with  64-byte 
frames;  this  time  the  worst-case  rate  was 
29%  of  the  maximum,  compared  with  7% 
for  short  frames.  The  265 1  moved  data  at 
line  rate  with  no  routing  and  up  to  64  fil¬ 
ters  configured,  both  without  routing  and 
with  small  routing  tables.  However,  rates 
dropped  to  29%  of  the  theoretical  limit 
when  we  loaded  large  routing  tables  on 
the  2651.  All  other  devices  moved  traffic  at 
line  rate. 


A  look  at  router  latency:  64-byte  frames 


Latency  across  two 
routers  (microsec) 


With  filters  applied,  maximum  latency  ranged 
anywhere  from  38,182  to  261,632  microsec. 


Throughput  with  1,518-byte  frames  was 
line  rate  in  all  cases,  as  it  was  for  all  other 
devices.This  is  hardly  surprising  given  that 
frame  rates  for  long  frames  are  a  tiny  frac¬ 
tion  of  those  for  short  frames. 

The  delay  game 

There  might  not  have  been  major  differ¬ 
ences  among  products  in  throughput 
(Cisco  excepted),  but  there  certainly  were 
when  it  came  to  latency 
In  many  ways,  latency  —  the  delay  added 
See  Routers,  page  38 


The  theoretical  latency  for  64-byte  frames  passing  through  a  pair  of  routers  at  T-1  speeds  is  500  microsec.  In  terms 
of  average  latency  measurements,  several  of  the  routers  tested  hit  or  came  close  to  that  mark,  with  the  remainder 
getting  within  500  to  1,000  microsec  reach  of  that  goal.  However,  some  devices’  maximum  latency  spiked  much  higher. 
These  spikes,  some  registering  more  than  100,000  microsec,  can  degrade  application  performance  significantly  or 
even  lead  to  session  timeouts. 
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Introducing  IBM  DB2  Information  Integrator  -  the  brand-new  software  that  turns  everything  in  its  path  into 
insight  and  opportunity:  rows  and  columns,  video  and  e-mail,  audio  and  Web.  It  works  wherever  your 
data  lives:  Oracle,  Microsoft  or  IBM.  It  works  in  real  time,  across  platforms:  Linux’"  Windows?  UNIX.  Insight 
is  yours.  On  demand.  Faster  than  ever.  For  a  DB2  Information  Integrator  Kit,  visit  ibm.com/db2/integrate 
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by  a  device  as  a  packet  travels  through  it 
—  is  an  even  more  important  metric  than 
throughput.  Latency  affects  every  packet, 
no  matter  how  busy  the  network.  Low  and 
consistent  latency  is  critical  not  just  for 
voice  and  video  applications,  but  for  any 
application  where  response  time  matters. 
That  definitely  includes  the  roughly  90%  of 
all  Internet  traffic  that  uses  TCP  Because 
TCP  requires  timely  acknowledgement  of 
data,  delays  can  lead  to  retransmissions  or 
session  loss. 

Even  at  relatively  slow  T-l  rates,  latency 
for  64-byte  packets  can  theoretically  be 
500  microsec  or  less. The  Riverstone  3000 
and  the  Tasman  1004  stuck  pretty  close  to 
that  theoretical  mark  when  we  looked  at 
average  latency  (see  graphic, Page  36), but 
that’s  not  indicative  of  what  we  saw  in 
other  cases.  Going  across  two  routers, 
Cisco’s  2651,ImageStream’s  Rebel  and  the 
Tasman  1400  registered  average  latency 
scores  that  were  nearly  double  that. 

There’s  no  one  good  answer  as  to  how 
much  latency  is  acceptable.  Humans  per¬ 
ceive  degraded  video  quality  with  delays  of 
as  little  as  10,000  microsec,  and  degraded 
audio  quality  with  delays  of  50,000  to 
200,000  microsec.  For  data  applications,  the 
threshold  might  be  higher  (sometimes 
much  higher). 

But  this  doesn’t  excuse  a  router  that  adds, 
say,  100,000  microsec  of  latency  Keep  in 
mind  that  these  numbers  are  delays  per¬ 
ceived  by  end  users  —  and  there  are  many 
other  components,  such  as  other  routers, 
attached  computers  and  software  stacks,  in 
play  each  adding  delay  of  their  own.  Any 
router  that  adds  enough  delay  to  mess  with 
application  performance  is  a  problem. 

In  the  worst  case,  with  a  256-rule  access 
control  list  and  large  routing  tables,  maxi¬ 
mum  latency  for  the  Cisco  2651  shot  up  to 
just  over  261,000  microsec.  Even  at  T-l 


rates,  that’s  a  huge  delay.  To  put  that  num¬ 
ber  in  perspective, consider  that  a  beam  of 
light  could  circle  the  Earth  nearly  twice  in 
the  time  it  took  for  a  pair  of  19-inch-wide 
Cisco  boxes  to  forward  one  packet  under 
our  applied  load. 

Cisco’s  high  maximum-latency  numbers 
led  us  to  take  two  steps.  First,  the  charts’ Y 
axis  had  to  be  broken  so  we  could  show 
differences  among  other  routers.  Second, 
additional  tests  of  the  2651  were  run  to 
determine  if  the  maximum  numbers  are 
outliers. 

In  absolute  terms,  they  are  outliers:  More 
than  99%  of  all  frames  have  latencies  of 
10,000  microsec  or  less.  However,  there  are 
significant  numbers  of  frames  with  laten¬ 
cies  of  many  thousands  of  microseconds. 
These  numbers  can  result  in  degraded 
performance,  especially  for  delay-sensitive 
voice  and  video  applications.  Jitter  — 
variation  in  delay  among  packets  —  is 
even  more  harmful  to  voice  and  video  ap¬ 
plications  than  high  latency  itself. 

Not  all  vendors  exhibited  big  differences 
between  average  and  maximum  latency 
ImageStream’s  Rebel  fared  the  best  in  this 
regard;  across  all  tests,  it  had  the  smallest 
difference  between  average  and  maxi¬ 
mum  latency 

Riverstone’s  3000  also  had  little  difference 
between  average  and  maximum.  It  also 
posted  the  lowest  average  latency  across  all 
tests  with  short  frames  and  the  least 
amount  of  variation  among  different  test 
cases.Tasman’s  1004  posted  the  next-lowest 
average  latency  but  its  maximum  latency 
was  substantially  higher  than  the  River¬ 
stone  3000’s  in  most  test  cases.  In  fairness, 
the  Riverstone  device  is  really  a  metropoli¬ 
tan  edge  device  with  considerably  more 
processing  power  than  the  Tasman  1004 
access  device.  That  difference  also  shows 
up  in  pricing  —  Riverstone’s  box  costs  at 
least  twice  as  much  as  the  Tasman  device. 

Lucent’s  Access  Point  1500  presented  a 
special  case.  According  to  the  router  testing 


RFC  (see  DocFinder.  6725),  latency  is  sup¬ 
posed  to  be  measured  at  the  throughput 
level.  However,  the  Lucent  Access  Point 
1500’s  buffers  are  so  large  that  we  exceeded 
line  rate  when  measuring  throughput  —  so 
much  so  that  the  routers  continued  to  for¬ 
ward  packets  for  up  to  17  seconds  after  the 
test  was  stopped. This  led  to  absurdly  high 
latency  readings.  Lucent  reduced  the  size  of 
its  buffers  for  this  test  but  even  so  recorded 
higher  maximum-latency  readings  com¬ 
pared  with  most  other  routers.  Big  buffers 
can  be  helpful,  especially  if  most  traffic  is 
bulk  data  transfer,  but  users  looking  to 
deploy  the  Lucent  routers  for  delay-sensi¬ 
tive  applications  might  want  to  reduce 
buffer  size.  It  definitely  helped  in  our  test 
case:  Average  latency  measurements  hov¬ 
ered  around  2,000  microsec,  third  lowest  in 
our  256-byte  test  case. 

With  256-byte  frames,  average  latency  dif¬ 
ferences  among  products  were  somewhat 
less  pronounced  (see  graphic,  below). 
Riverstone’s  3000  and  Tasman’s  1004  again 
had  the  lowest  average  latencies  across  all 
test  cases.  The  ImageStream  Rebel  and 
Riverstone  3000  exhibited  the  least  varia¬ 
tion  among  different  test  cases,  suggesting 
that  latency  won’t  be  affected  no  matter 
how  many  filters  or  routes  are  involved. 

While  average  latencies  were  improved 
with  medium-size  frames,  Cisco’s  2651 
again  struggled  with  high  maximum  laten¬ 
cies.  The  worst-case  measurement  of  just 
over  253,000  microsec  was  basically  the 
same  as  the  64-byte  case.The  265 1  also  reg¬ 
istered  the  largest  difference  between  aver¬ 
age  and  maximum  latency  in  all  cases. 
Here  again,  the  Cisco  router’s  latency  is 
high  enough  to  disrupt  virtually  any  delay- 
sensitive  application  —  and  that’s  without 
factoring  for  all  the  other  elements  that 
must  process  the  traffic  stream. 

At  the  other  end  of  the  scale,  Riverstone’s 
3000  and  ImageStream’s  Rebel  registered 
relatively  little  difference  between  average 
and  maximum  delay  —  an  indication  of 


these  devices’ suitability  for  delay-sensitive 
applications.  However,  the  Riverstone 
router’s  maximum  delays  did  spike  up¬ 
ward  when  running  large  routing  tables. 

With  maximum-length  frames  —  the  sort 
used  in  Web  and  FTP  applications  —  most 
routers  registered  average  latencies  close 
to  the  theoretical  minimum  of  8,000 
microsec  (see  graphic,  DocFinder:  6738). 
Cisco’s  2651  was  again  the  exception,  with 
average  latencies  that  averaged  16,000 
microsec  across  all  tests.  The  lowest  over¬ 
all  latency  belongs  to  Tasman’s  1004, 
which  delayed  maximum-length  frames 
across  a  pair  of  routers  by  an  average  of 
9,400  microsec  across  all  test  cases. 

When  it  comes  to  maximum  latency 
Cisco’s  2651  again  posted  by  far  the  highest 
delays.  Its  numbers  were  more  than  200,000 
microsec  in  the  test  cases  with  16  or  more 
filters  and  large  routing  tables.  Maximum 
delays  for  ImageStream’s  Rebel,  while  an 
order  of  magnitude  smaller  than  Cisco’s, 
were  relatively  high  compared  with  the 
Rebel’s  average  delays.  The  vendor  attrib¬ 
utes  the  difference  to  a  polling  process  used 
with  an  Intel  chipset  in  its  devices. We  don’t 
consider  the  Rebel’s  maximum  delays  high 
enough  to  have  a  significant  negative  effect 
on  application  performance. 

Lucent’s  Access  Fbint  1500  also  showed 
relatively  high  maximum  latencies  in  a  cou¬ 
ple  of  the  large-routing-table  test  cases.  As  a 
rule,  however,  most  routers  delayed  packets 
by  the  same  amount  regardless  of  the 
amount  of  filtering  or  routing  going  on  with 
the  large  frames.  Lucent’s  routers  might 
have  struggled  a  bit  with  our  huge  routing 
tables,  but,  in  general,  the  delay  they  intro¬ 
duced  was  not  enough  to  degrade  perfor¬ 
mance  of  any  application. 

Reboot  time 

Availability  is  always  a  concern  for  any 

See  Routers,  page  40 


Another  look  at  router  latency:  256-byte  frames 


Various  traffic  studies  suggest  the  average  IP  packet  length  is  somewhere  between  200  and  400  bytes.  We  measured 
average  and  maximum  latency  with  256-byte  Ethernet  frames  and  found  results  similar  to  those  for  64-byte  frames. 


Latency  across  two 
routers  (microsec) 


10,000 


8,000 


6,000 


4,000 


2,000 


i 


Latency  numbers  range  from 
32,970  to  253,058  microsec 


Baseline 
8  filters 
16  filters 
64  filters 
256  filters 

Small  routing  tables,  8  filters 
Small  routing  tables,  16  fitters 
Small  routing  tables,  64  filters 
Small  routing  tables,  256  fitters 
Large  routing  tables,  8  filters 
Large  routing  tables,  16  filters 
Large  routing  tables,  64  filters 
Large  routing  tables,  256  filters 


Average  Maximum 

Cisco  2851 


Average  Maximum 

ImageStream  Rebel 


Maximum 

Lucent  Access  Point  1500 


Average  Maximum 

Riverstone  3000 


Average  Maximum 

Tasman  1004 


Average  Maximum 

Tasman  1400 


jAgvf- 


r'-'J  f 


See  it  fixed  before  its  broken 


See  the  problem  before  it  occurs. 
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than  ever.  You’ll  spend  less  time  worrying  about  mundane  tasks  and  more  time  on  important  things  — 
like  business  results.  For  a  customized  analysis  of  how  Tivoli  can  help  you,  visit  ibm.com/tivoli/seeit 
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■Here’s  a  quick  rundown  oh  key  router  features: 
Interface  support:  Gd/pgrations  with  numerous 
branch  offices  probably  have  numerous  WAN 
access  technologies,  including  T-i,  E-T.T-3,  ISDN  and 
dial-up  modems.  On  the  LAN  side,  all  routers  sup¬ 
port  various  flavors  of  Ethernet.  ImageStream  and 
Riverstone  offer  Gigabit  Ethernet  as  an  option  (as 
■  does  Cisco  in  other  models  not  tested  for  this 
review).  However,  given  the  speed  mismatch  with 
most  of  the, serial  interfaces  listed  here,  Gigabit 
Ethernet  support  is  important  mainly  for  LAN-to- 
LAN  routing.  ImageStream  also  supports  802.11b 
wireless  interfaces. 

Unicast  routing:  Because  Border  Gateway  Pro¬ 
tocol  and  Open  Shortest  Path  First  support  were 
requirements  to  be  in  this  test,  all  vendors  support 
it.  The  key  differences  in  protocol  support  cover  IPX, 
used  by  Novell  NetWare,  and  supported  only  by 
Cisco:  and  intermediate  system-to-intermediate  sys¬ 
tem.  a  routing  protocol  used  mainly  by  ISPs  and 
supported  by  all  vendors  except  Tasman. 

Multicast  routing:  All  vendors  support  at  least  some 
form  of  multicast  routing.  Lucent  supports  only  the 
older  distance  vector  multicast  routing  protocol,  while 
all  other  vendors  support  protocol-independent  multi¬ 
cast  in  either  its  dense-  or  sparse-mode  variations  (or 
both). 

Packet  filtering:  While  source  or  destination  IP 


address  are  the  most  common  filter  criteria,  most 
routers  support  numerous  other  options.  In  the  IP 
header,  all  routers  support  filtering  by  protocol  num¬ 
ber  or  type-of -service  (TOS)  field  contents.  All  ex- 
ceptTasman’s  support  filtering  on  Differentiated 
Services  Code  Point,  another  quality-of-service 
rpechanism  that  is  a  superset  of  the  TOS  field.  All 
routers  except  Tasman's  also  filter  on  Layer  2  crite¬ 
ria  such  as  Ethernet  media  access  control  address¬ 
es  and  virtual  LAN  IDs.  All  routers  also  filter  on 
Layer  4  criteria  such  as  TCP/User  Datagram  Pro¬ 
tocol  port  numbers  and  flag  settings. 

IPv6  support:  Cisco  and  ImageStream  support 
IPv6  forwarding.  ImageStream  also  says  it  supports 
IPv6  routing,  but  the  company  did  not  specify  which 
v6  routing  protocols  it  uses. 

Route  redistribution:  Redistribution  —  the  ability 
to  learn  routes  via  one  protocol  and  then  re-adver- 
tise  them  using  another-  is  a  must-have  in  routing. 
All  vendors  support  this  feature.  Note  that  route  dis¬ 
tribution  is  not  the  same  as  route  leaking,  in  which 
all  learned  routes  are  shared  in  one  common  table. 

SNMP  support:  Management  Information  Base 
(MIB)  II  has  been  around  for  more  than  12  years,  so 
it’s  no  surprise  that  all  vendors  support  it.  All  ven¬ 
dors  except  Tasman  also  support  SNMPv3,  which 
provides  strong  authentication  and  encryption  of 
management  traffic  -  features  missing  from  earli¬ 
er  versions  of  SNMP. 

RMON  support:  The  Remote  Monitoring  MIB  is 
useful  in  gathering  device  statistics,  history  and 
alarms.  Only  Cisco  and  Riverstone  support  it,  and 
only  Riverstone  supports  both  RMON  I  and  RMON 
II  versions  of  the  MIB. 

SSH  support:  Secure  Shell,  supported  by  all  routers, 
is  far  preferable  to  telnet  in  that  it  provides  authenti¬ 
cation  and  strong  encryption  when  remotely  adminis¬ 
tering  routers.  Unfortunately,  Cisco  only  supports 
SSH  Version  1  despite  its  well-documented  history  of 
vulnerabilities.  For  the  other  routers  tested,  support 


for  Version  2  does  not  automatically  ensure  a  secure 
environment:  security  advisories  from  CERT  (see 
DocFinder:  6728)  and  elsewhere  counsel  users  to  dis¬ 
able  Version  1  as  well. 

Web/SSL  access:  Web-based  management  might 
be  convenient,  but  it  poses  the  same  security  risks 
as  telnet:  no  authentication  and  no  encryption.  A 
better  choice  is  Secure  Sockets  Layer  (SSL),  sup 
ported  by  ImageStream,  Lucent  and  Riverstone. 
SSL-secured  Web  sessions  generally  are  considered 
somewhat  less  secure  than  SSH  but  they  are  far 
preferable  to  sending  traffic  in  the  clear. 

Failover  mechanisms:  For  many  users,  high  a.  iilaL  i 
ity  is  the  single-most  important  requirement  of  routing 
infrastructure.  To  that  end,  routers  from  all  vendors 
tested  except  Cisco  support  virtual  router  redundancy 
protocol,  a  standards-based  mechanism  in  which  one 
router  takes  over  the  duties  of  another  if  one  fails. 
Cisco  supports  the  hot  standby  routing  protocol,  a 
proprietary  alternative.  Riverstone  offers  Multi-proto¬ 
col  Label  Switching  users  redundancy  through  a  fail¬ 
over  mechanism  based  on  the  label  switched  proto¬ 
col,  and  Tasman  offers  failover  of  multilink  T-1  bundles. 

Redundant  components:  There  is  considerable 
variation  in  the  amount  of  hardware  redundancy  in 
these  routers,  ranging  from  none  (in  the  Lucent  and 
low-end  ImageStream  boxes)  to  duplicated  power 
supplies,  fans  and  routing  modules  in  the  higher-end 
ImageStream  routers. 

Price:  The  adage  that  no  one  pays  list  price  might 
hold  true,  but  even  so  there  are  big  differences  in 
the  starting  point  for  negotiating  discounts.  Prices 
for  the  routers  listed  here  range  from  about  $2,700 
for  the  low-end  ImageStream  R1  to  about  $14,600 
for  the  same  company's  Enterprise  device.  Curi¬ 
ously,  there  is  no  difference  in  port  density  between 
the  least-expensive  device  in  this  review  Image- 
Stream's  R1  —  and  the  second  most  expensive  of 
the  boxes  tested,  Lucent's  Access  Point  1500. 

—  David  Newman 


Routers 

Continued  from  page  38 

type  of  network  device.  While  all  the 
routers  in  this  test  offer  features  such  as 
support  for  failover  protocols  and/or 
redundant  components,  it’s  still  possible 
that  other  factors  can  take  a  router  out  of 
circulation. Total  loss  of  power  is  an  obvi¬ 
ous  example  —  and  one  that  all  the 
redundancy  in  the  world  won’t  help. 

To  assess  how  quickly  devices  recover 
from  a  loss  of  power,  we  loaded  each 
route  with  ;he  same  line-rate  stream  of 
64-byte  traffic  we  used  in  the  filtering 
tests.  We  did  not  set  any  filters  or  use 
dynamic  routing,  so  we  knew  all  routers 
were  capable  of  forwarding  traffic  at  line 
rate  without  loss. 

Once  a  router  began  forwarding  traffic, 
we  used  an  automated  power  switch  to 
power  it  off,  wait  5  seconds  and  then 
power  it  up  again.  Because  we  offered  traf¬ 
fic  at  a  constant  rate  throughout  the  test, 
we  were  able  to  derive  recovery'  time  from 
frame-loss  counts. 


Lucent’s  Access  Point  1500  recovered 
the  fastest,  at  just  23.6  seconds. The  clos¬ 
est  competitor,  ImageStream’s  Rebel, 
came  back  to  life  after  64.5  seconds  of 
downtime.  The  Tasman  1004  and  the 
Tasman  1400  took  83  and  109.4  seconds, 
respectively,  to  come  back.  Riverstone’s 
box  recovered  in  123.7  seconds,  while 
Cisco’s  265 l’s  recovery  time  was  146.7 
seconds. 

The  simple  and  not  terribly  surprising 
conclusion  from  these  tests  is  that  Cisco’s 
aging  design  (a  single  CPU  and  limited 
memory)  doesn’t  perform  at  anywhere 
near  the  same  level  as  more  modern 
designs  with  more  memory  and  hardware 
acceleration.  Even  at  T-1  rates,  there  are 
performance  differences  among  products 
—  and  fortunately  for  end  users,  numer¬ 
ous  options  to  choose  from  as  well. 

Newman  is  president  of  Network  Test  in 
Westlake  Village,  Calif.,  an  independent 
benchmarking  and  network  design  con¬ 
sultancy.  He  can  be  reached  at  dnewrnan@ 
network  test.  com. 
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Complimentary  Event  for  Qualified  Attendees! 


Learn  the  Latest  about  Security 


TECHNOLOGY  TOUR 


Viruses.  Hackers.  Disgruntled  employees.  Your  corporate  network  faces  endless 
security  threats.  And  as  more  laptops,  PDAs  and  mobile  devices  access  net¬ 
works,  your  exposure  only  increases.  In  a  recent  Computer  Security  Institute 
survey  more  than  90%  of  respondents  reported  a  security  breach  within  the 
past  18  months.  And  80%  of  those  suffered  a  financial  loss.  So  it's  not  enough  for  an 
IT  manager  to  simply  secure  the  perimeter.  Your  strategies  must  reach  deeper  into 
the  network  as  well  as  out  to  the  devices  that  access  your  system.  Do  you  have 
the  answers  you  need  at  every  point.. .port-level  firewalls,  intrusion  detection  and 
prevention,  802. lx  wireless  protection?  Do  you  know  the  right  questions  to  ask? 

And  are  you  getting  real  solutions  that  help  you  defend  and  win  enterprise-wide? 


■  Conduct  vulnerability  assessments 

■  Embed  security  in  handhelds,  laptops 
and  other  mobile  devices 

■  Deploy  intrusion  detection  and  tools 

■  Select  the  right  VPN  for  your 
prevention  environment 

■  Ensure  end-to-end  security  for 
broadband  and  wireless  users 


Join  us  for  Network  World's  Security  Technology  Tour:  "Protecting  the  Enterprise  and 
its  Assets."  Let  security  expert  Joel  Snyder  and  other  top  security  companies  show 
you  how  to  choose  and  implement  the  most  effective  and  efficient  tools  for  your 
network.  This  one-day  seminar  is  free  to  qualified  professionals,  but  space  is  limited. 
Register  now  to  be  safely  included! 


■  Develop  and  testing  on-site  and  off¬ 
site  disaster  recovery/backup  plans 

■  Improve  network  protection  with 
common  tools  such  as  firewalls  and 
virus  scanners 


PRE-REGISTRATION  FOR  THIS  COMPLIMENTARY  EVENT  IS  REQUIRED.  RESERVE  YOUR  SEAT  NOW! 

Online  at  www.nwfusion.com/events/security2 
or  call  1-800-643-4668 


PLATINUM  PRESENTING  SPONSORS: 


GOLD  EXHIBITING  SPONSORS: 


Cisco  Systems 


FOUNDRY 

NETWORKS 


Lancope 


eSoft 


bftur 


n*1wert  MCunty.* 


ForeScout 

Protection  by  Proven  Intent 


Global 
Technology 
Associates,  Inc. 


O  R£!™eo-  SOLSOFT 


Top 

layer 


Secure  Identity  Management 


V  ■  en r  muted  to  Network  and  IT  professionals  involved  in  the  evaluation  and  purchase  of  Security  products  and  services.  Network  World  reserves  the  right  to  determine  the  audience 

profile  of  attendees  participating  on  a  complimentary  basis.  Paid  registration  is  also  available. 

To  sj.  >nsor  this  Network  World  event  or  if  you  are  interested  in  on-site  training  for  your  company,  contact  Andrea  D'Amato  at  508-490-6520  or  adamato@nww.com. 


www.nwfusion.com 
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BUSINESS  JUSTIFICATION 


Wrangling  wireless  costs 

Nail  down  a  contract  and  track  usage  to  keep  your  employees’  cell  phone  bills  low. 


NelworkWorid  □ 


■  BY  DENISE  PAPPALARDO 


As  business  becomes  ever  more  dependent  on  mobile  communi¬ 
cations,  the  cost  of  keeping  employees  untethered  is  soaring.  In-Stat 
MDR  estimates  that  companies  will  spend  $12  billion  on  wireless 
services  this  year.  If  these  expenses  aren’t  being  managed  well,  cor¬ 
porations  are  probably  overpaying. 


“Wireless  provides  lots  of  efficiencies  and 
improves  productivity  for  mobile  users,  but 
companies  need  to  take  control  of  the 
costs,” says  Philip  Redman,  research  vice 
president  for  Gartner.  Companies  should 
implement  a  policy  for  wireless  adoption, 
usage  and  management,  and  negotiate  a 
corporate-wide  service  contract,  he  says. 

“Enterprises  with  consistent  and  docu¬ 
mented  policies,  coordinated  service  adop¬ 
tion  and  stringent  management  of  wireless 
services  will  save  15%  to  35%, ’’Redman  says. 
Sure,  this  takes  time,  but  the  payoff  is  money 
in  the  bank. 

There  are  several  things  to  consider  when 
developing  a  policy,  including  which  em¬ 
ployees  get  company-paid  service,  personal 
vs.  business  usage,  how  wireless  service 
should  be  expensed,  and  what  security  pro¬ 
cedures  wireless  users  —  especially  wire¬ 
less  data  users  —  should  practice.  Seek  in¬ 
put  from  all  departments  to  draft  an  effec¬ 
tive  policy  that  lets  users  be  most  produc¬ 
tive  while  keeping  costs  in  check. 

As  a  first  step  in  tackling  wireless-service 

Reducing  wireless 
service  costs 

•  Appoint  one  person  to  oversee 
procurement. 

•  Allow  departmental  input,  but 
centralize  buying  decisions. 

•  Identify  appropriate  users;  wireless 
isn't  for  all  employees. 

•  Negotiate  service-level  agreements. 

•  Review  usage  regularly. 

•  Use  management  tools  provided  by 
the  carrier  or  third-party  tools. 

SOURCE:  GARTNER 


cost  management,  conduct  a  wireless  tele¬ 
com  audit  of  all  your  users.“You  can’t  man¬ 
age  what  you  can’t  measure,”  says  Lisa 
Pierce,  a  Giga  Information  Group  analyst. 
Get  a  handle  on  wireless  usage  and  service 
needs  before  drawing  up  contracts  or  poli¬ 
cies,  she  advises. 

One  company  that  is  trying  to  get  as  much 
as  it  can  out  of  its  wireless  service  is  Hawaii 
Home  Loans,  which  is  using  Sprint  PCS 
wireless  service  to  support  all  employees’ 
voice  and  some  of  its  wireless  data  needs. 
While  the  organization  doesn’t  have  a  for¬ 
mal  policy  that  restricts  personal  calls, 
“there  is  a  direct  correlation  between  usage 
and  productivity’  says  Leonard  Loventhal, 
senior  vice  president  at  Hawaii  Home 
Loans  in  Honolulu  “On  average  our  top  pro¬ 
ducers  are  always  talking  to  clients  and 
therefore  use  the  most  minutes.” 

If  an  employee  has  logged  a  lot  of  minutes 
in  a  given  month  but  hasn’t  brought  in 
much  business,  then  it’s  clear  most  of  those 
minutes  were  for  personal  calls,  he  says. 

Hawaii  Home  Loans  uses  Sprint  PCS’s 
Web  site  to  track  individual  and  group 
usage  throughout  the  month.  In  the  14 
months  since  the  company  began  using 
Sprint  PCS's  service  in  and  out  of  the 
office,  Loventhal  says  there  was  only  one 
instance  when  he  had  to  tell  an  employee 
to  curtail  personal  phone  usage.  “We 
brought  her  in  and  talked  with  her, and  the 
problem  was  solved,”  Loventhal  says.  He 
could  approach  the  employee  because  he 
had  evidence:  The  Sprint  PCS  customer- 
service  Web  site  shows  detailed  individual 
usage  for  outgoing  and  incoming  calls,  as 
well  as  the  duration  of  each  call. 

The  management  tool  lets  Hawaii  Home 
Loans  monitor  its  bucket  of  minutes  to  en¬ 
sure  it  doesn’t  exceed  its  allotted  reserve. 
Loventhal  negotiated  a  flexible  corporate¬ 
wide  contract  and  can  easily  reduce  or  in- 


William  Lawrence,  CEO  of  Bubbles 
Enterprises,  cleaned  up  his  company's 
wireless  bills  by  switching  to  a  single 
contract  with  Nextel. 


crease  the  company’s  total  minutes. 

“That  has  been  extremely  easy  for  us  to 
manage,”  he  says,  which  also  keeps  costs  in 
check. 

Don’t  simply  accept  the  standard  contract 
that  a  carrier  offers.  “Everything  is  nego¬ 
tiable,”  Redman  says,  including: 

•  Length  of  contract. 

•  Cost  of  adds,  moves  and  changes. 

•  Discount  rates. 

•  Pricing  plans. 

•  Activation  fees. 

•  Devices. 

•  Service-level  agreements. 

While  reducing  costs  is  important,  ana¬ 
lysts  say  most  IT  managers  first  choose  a  ser¬ 
vice  provider  based  on  geographic  reach, 
and  second  based  on  rates.That’s  why  many 
larger  companies  sign  contracts  with  multi¬ 
ple  service  providers  to  meet  all  their 


needs,  says  Becky  Diercks,  an  analyst  at  In- 
Stat  MDR.A  company  might  go  with  Verizon 
Wireless  for  a  large  group  of  employees  be¬ 
cause  of  the  geographic  coverage  the  carri¬ 
er  offers,  and  might  turn  to  Nextel  for  anoth¬ 
er  group  of  employees  who  need  its  Direct- 
Connect  walkie-talkie  feature, she  explains. 

It’s  most  cost-effective  to  get  as  many  users 
as  possible  onto  one  plan  because  carriers 
offer  better  volume  discounts,  but  if  you 
need  to  use  multiple  providers  to  meet  your 
company’s  needs,  play  the  carriers  off  of 
one  another  to  reduce  service  costs  and  in¬ 
crease  flexibility 

William  Lawrence,  CEO  at  Bubbles  Enter¬ 
prises,  a  car  wash  and  detail  chain  in 
Houston,  streamlined  his  company’s  wire¬ 
less  usage  and  costs  by  consolidating  from 
three  different  wireless  services  to  one  plan. 
Lawrence  assessed  which  features  his  em¬ 
ployees  needed  to  increase  productivity. 

The  company  was  using  pagers  and  cell 
phones  and  land-line  voice  mail  to  keep 
managers  and  the  maintenance  crew  in 
contact  throughout  the  day“What  we  found 
was  none  of  the  three  were  effective,” 
Lawrence  says.  Calls  still  were  being  missed 
and  important  information  wasn’t  always 
delivered  in  a  timely  manner,  he  says. 

Bubbles  switched  to  Nextel’s  service 
about  four  months  ago.  The  company 
added  16  users  to  the  system,  and  now  has 
an  effective  communication  tool  to  keep 
employees  constantly  connected  and  has 
reduced  costs.“We  are  paying  $700  less  per 
month  for  the  Nextel  service,”  he  says. 

Instead  of  worrying  about  restricting  em¬ 
ployee  usage,  Lawrence  is  splitting  the 
monthly  costs  with  the  users.  Bubbles  offers 
employees  the  Nextel  phone  and  service 
for  $20  per  month,  which  Lawrence  says  is 
one-third  the  cost  of  what  many  of  tl.  m 
were  paying  on  their  own. They  get  500  any 
time  minutes, 2, 000  night  and  weekei:  m 
utes.and  unlimited  DirectConnect  min>  it»-  - 

Another  tactic  is  to  offer  employee:' 
counted  wireless  service  that,  counts  f<  •w; .  i 
the  company’s  total  annual  commii; 
your  company  has  a  contract  with 
Wireless  that  covers  100  employe  - 
could  let  your  employees  purchase  see. 
at  the  same  rate  for  their  personal  use  •  .  : 
pay  the  bill  on  their  own  SK 


Consolidate  control  of  your  server 

-  ' 

room  with  powerful  AMX  switching 


imw stage:  Avocent 


EASIER  TO  USE 

•  Auto-configuration  simplifies  set-up.  The  system  automatically 


KVM 

Matrix 

Switching 


addresses  the  ports,  appliances  and  computers  for  you 

•  Intelligent  AMIQ  interface  modules  remember  your  configuration, 
so  it’s  easy  to  install,  maintain  or  move  your  servers 

•  Graphical  AMWorks  administration  software  and  mouse-driven 
on  screen  menus  are  simple  to  navigate  and  control 


MORE  ADVANCED  FEATURES 


•Scalable  architecture  grows  with  your  server  room 
•Supports  multi-rack  PS/2,  Sun  and  USB  server  environments 

•  Full  non-blocked  access  to  servers  and  serial  devices 

•  End-to-end  CAT  5  connections 

•  Save  rack  space  -  1  U  switch  supports  up  to  8  users  and  32 
servers;  2U  switch  supports  up  to  16  users  and  64  servers 

•  Multi-level  security  and  password  protection  for  each  user 

•  Multiple  users  can  share  access  to  the  same  server 

•  Share,  private,  scan  mode  available  to  all  users 


Simpler  KVM  Switching 


•  AMIQ  computer  interface  module  retains  the  unique  ID  and  server  name, 
so  reconfiguration  and  expansion  is  as  simple  as  switching  the  cable- 

•  Exclusive  AutoTuning™  optimizes  video  performance  over  UTP  cable,  at 
any  distance 

•  Build  customized  user  profiles  and  centralize  control  of  connected  servers 
with  AMWorks  -  Java-based  system  software  included  with  each  switch 

•  All  system  components  can  be  flash  upgraded  simultaneously  with  just  a 
few  clicks  of  the  mouse 


■ 


Cai!  for  an  Avocent  Authorized  Reseller  near  you 

1  886  286-2368 


Make  the  smart  switch.  Download  our  Definitive  KVM 
Buyer's  Guide  at  www.avocent.com/advantage 

or  call  1-866-286-2368. 

t* n;  •»  v  oant  “ogo,  Auk  *  AutoTuA-nc;  AVWorka.  KVM  OVER  IP  and  The  Pbwe»  of  Being  There  aie  trademark*  of  Avocent 


Avocent. 

The  Power  of  Being  There- 


Console  Management 


Power 


Command  Your  Network 
With  Cyclades 


Jjjfr  Selecting  the  right  components  for  your  w&gyg 

network  is  often  a  challenging  decision. 

With  our  AlterPath  PM8,  you  can  remotely  IBB 

a 

re-boot  your  system  with  just  a  few  mouse  clicks. 

By  integrating  the  AlterPath’  PM8  with  our  Mk 

award-winning  AlterPath  ACS,  you  combine 
power  and  console  management.  Now  you  can  ^ 

command  all  your  infostructure  with  secure  authentication  tfj 
and  bulletproof  encryption  as  demanded  by  todays' 
mission-critical  applications  all  in  one  single  session  -  anytime,  anywhere 


AlterPath""  ACS 


AlterPath  PM 8 


Power 


I 

Integrated  Power 

Console  and  power  control  from  one  session, 

7 

and  Console 

no  need  to  memorize  ports  and  addresses 

l 

Security 

SSH  v2,  strong  authentication,  encryption  and 

IP  filtering  on  both  power  and  console  access 

Daisy  Chain 

Daisy  chain  power  distribution  units  to  control 

any  number  of  devices  from  a  single  serial  port 

Remote 

Control 


trine 

Monitoring 


'Best  Hardware  for 
Linux  since  1995 


www.cyclades.com/nw 

1 .888. cyclades 
sales@cyclades.com 
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NetworkWorid 

THE  HUB  OF  THE  NETWORK  BUY 


Now  you  can  gain  control  with 
advanced,  remote  power  distribution 

The  space-saving  ARC  MasterSwitch  is  a  perfect  0  "U"  fit  for  networks,  colocation  facilities,  and 
ISPs  -  anywhere  remote  control  of  outlets  is  required. 

Control  power  to  your  valuable  connected  network  devices  using  MasterSwitch's  remote  on/off/reboot  capability.  Ideal 
for  any  situation  where  rebooting  or  power  cycling  is  required  of  equipment  or  'locked-up''  servers.  The  MasterSwitch 
mounts  vertically,  requiring  zero  U  space,  leaving  you  with  more  room  for  your  network  equipment.  Trust  your  remote 
management  needs  to  the  leader  in  power  protection:  APC.  To  learn  more  today  visit  us  online  at  www.apc.com 

OPTIMIZED  FOR  MANAGEMENT  AND  CONTROL 


•  Wireless  Application  Protocol 

•  Boot-P  support 

•  Accessible  terminal  block  for  hardwire 
capability 

•  Event  configuration 

•  E-mail  notification 

•  Vertical  mounting,  requiring  zero  'U' 
of  space 

•  Remotely  manage  outlets  by  turning 

•  Requires  separate  control 


outlets  on/off  or  rebooting  connected 
equipment 

•  Built-in  Ethernet  interface*  for  direct 
connection  to  the  LAN 

•  MD5  authentication  security 

•  Power-up  sequencing  lets  you  configure 
the  sequence  in  which  power  to  outlets  is 
turned  on  or  turned  off. 


Enter  to  WIN  a  FREE  APC  MasterSwitch™  today. 

Visit  httpy/promo.apc.com  Key  Code  m317y  •  Call  888-289-APCC  x6575  •  Fax  401-788-2797 

©2003  American  Power  Conversion  Corporation.  All  Trademarks  are  the  property  of  their  owners.  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston.  Rl  02892  USA 


Every  product 
carrying  this  mark 
has  been  tested  and 
certified  for  use  with 
InfraStniXure” 
architecture.  Before 
you  buy,  check  for  the 
X  to  guarantee 
product  compatibility. 


With  over  15  million 
satisfied  customers,  APC's 
Legendary  Reliability" 
guarantees  peace  of  mind. 


Legendary  Reliability®  Ms2A3ep 


'-US 


in  Remote  Reboot  AC  or  DC  Power  Management 


Don't  let  server  lock-up  knock  you  off  the  mountain.  Spectrum  Control's 
SMARTstart  power  distribution  units  with  remote  power  management 
capability  allow  you  to  monitor,  sequence  and  reboot  your  servers  and 
network  equipment  from  any  remote  location. These  AC  or  DC  rack 
mounted,  off-the-shelf  solutions  feature  several  methods  of  communication, 
including  advanced  Web  Browser  access  and  greater  power  management 
than  you  ever  imagined. 

•  Reboot  via  telnet  and  other  convenient  interfaces 

?  •  tower  costs  through  reduced  network  downtime  and  field  service  visits 
.  •  SMARTstart  PDU's  offer  customization  and  are  upgradable 

•  Menu-driven  user  friendly  interface  and  secure  password  protection 
2  ;  •  Global  access  to  monitor,  reboot  and  sequence  outlets 

:.L  ;>.  Email  alerts  &  SNMP  Traps  for  immediate  system  status  notification 

.i  ■  ■■  • 

-  *;  ALL  AT -AN  UNBELIEVABLE 

i  iDUT  OF-THE-BOX  PRICE!  . giiimR-*" 


To  leant  more  call  814-474-2207 
or  for  online  data  sheets,  go  to  q 
wu’vv.  s pecpowe  r.  com/ r#mote22 


We're  looking  for  Resellers  (VAR'S) 
and  Distributors  to  join 
our  SMARTcircle 
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You  could  be  relaxing 
on  a  bed  of  Rosesj* 


Ultra  Link 


■  Connects  to  standalone  computers  or  any  KVM  switch 

■  High  quality  16-bit  video  at  up  to  1280x1024  resolution 

■  Easy  to  install,  give  it  an  IP  address  and  run  the  Viewer 
program,  no  user  license  required 

■  Encrypted  communication  produces  highly  secure  operation 

■  Scaling  and  scrolling  features  for  maximum  flexibility 

■  Single  mouse  cursor  simplifies  user  interface 

■  See  four  servers  from  one  screen  with  quad  screen  mode 

■  Lifetime  free  flash  upgrades 


UltraLink  sets  a  new  standard  in  remote  management  of  server  room 
environments.  It  saves  you  money  by  allowing  you  to  centralize  your  IT 
resources.  Since  it  does  not  depend  upon  software  loaded  on  your 
computers,  it  deploys  easily  and  works  on  any  operating  system,  such 
as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 

The  UltraLink  digitizes  the  remote  computer's  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video  and 
sends  back  keyboard  and  mouse  data.  This  process  allow  you  to  access 
remote  computers  from  anywhere. 

Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its  technically 
superior  and  price  competitive  products. 

Join  the  ranks  of  many  successful  companies  using  UltraLink,  call  Rose 
to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM  Switches  and 
Extenders. 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  TX  77099 


USA  toll  free 
ROSE  US 
ROSE  Europe 
ROSE  Asia 


800  333  9343 
281  933  7673 
+44(0)  1264  850574 
+617  3427  5353 


WWW.ROSE.COM 
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There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


Observer 
* 995 


Expert 
Observer 
$ 2895 


Observer 
Suite 
* 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows Is  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer ;  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 
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Web  Based  Power  Swi 
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Yes,  you  can  Switch 
Power  over  the  Internet... 


3WII  -  internet  Power  Switch  •  Microsoft  Internet  Explo 


[]  £k  £<fc  '/lew  Favorite*  look  Heici 


■  ■■■ 


,rsv^  #ohz 

Web  Browser  Access  for  Easy  Operation 
Telnet  and  Serial  Access 
Encrypted  Password  Security 
Expandable  to  Five  (5)  Individual  Outlets 
Each  Outlet  can  Switch  a  15  Amp  Load 
On  /  Off  /  Reboot  Switching 


Servers,  routers,  and  other  electronic 
equipment  sometimes  “lock-up,” 
often  requiring  a  service  call  to  a 
remote  site  just  to  flip  the  power 
switch  to  perform  a  simple  reboot... 

The  IPS-15  gives  you  the  ability  to 
perform  this  function  from  anywhere! 


QflOfeB 


INTERNET  POWER  S 


LOCATION:  IPS-15  Live  Demo  Unit 


Plug  Name 

1  Serverl 

2  Server  2 

3  — 

4  ... 

5  - 

All 

Plugs 

Setup  I  Logout  | 


Status  On  Off  Boot 

f.QW  3  r  r  r 

f  I  r  r  r 


Refresh  |  Apply  |  Cancel  | 


<6 


Expandable! 
Using  IPS  Satellite  Units... 


www.wti.com 


(800)  854-7226 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  926  1  8*2  5  1  7 


"Keeping  the  Net.. .Working!" 


dtSearch 


dtSearch 


dtSearch 


dtSearch 


dtSearch 


Instantly  Search 
(IldCavCn  Gigabytes  of  Text 

♦  Search  across  networks,  intranets,  and  web  sites 

♦  Publish  large  document  collections  to  web  or  CD/DVD 

♦  over  two  dozen  indexed,  unindexed,  fielded  and  full-text  search  options 

♦  highlights  hits  in  HTML  and  PDF  while  displaying  embedded  links, 
formatting  andniiMi'M.4 

♦  converts  other  file  types— word  processor,  database,  spreadsheet,  email, 

ZIP,  XML,  Unicode,  etc.— to  HTML  for  display  with  highlighted  hits 

♦  developer  products  have  easy  wizard-based  setup;  optional  API 


“Scorches  at  blazing  speeds”  -Computer  Reseller  News  Test  Center 

“Very  y  ^erful ...  a  staggering  number  of  ways  to  search 

-Windows  Magazine 


“Intuitiv?  nd  austere  ...  a  superb  search  tool”  -PC  World 

dtSearch  ‘  covers  ail  data  sources ...  powerful 

Web-based  engines”  -eWEEK 


‘Blindingly  las'.  "  -Comouter  Forensics:  Incident  Response  Essentials 


‘A  powerful  text  mining  engine  ...  effective  because  of  the  level 

of  intelligence  it  displays’  -PC  A! 


In  the  past  year  alone,  over  half  of  the  current  Fortune  10 
have  purchased  developer  or  network  licenses. 

1  -800-IT-FINDS  5eewww.dtsearch.com  for 

sales'5>otsearch  com  ♦  developer  case  studies 

♦  fully-functional  evaluations 
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Industrial-strength... 
superb"-pc  Magazine 
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Text  Retrieval 
Engine 

♦  for  Win  &  .NET 

♦  for  Linux 

♦  call  for  pricing 
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Industrial-strength... 
SUperb"-K  Magazine 
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Industrial-strength.. 
«;uDerb"— PC  Magazine 


superb" -PC  Magazine 


;  a 
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♦  included 
with  Desktop , 
Network  and 
Web 


x  n 


“Industrial-strength.. 
superb"-pc  Magazine 


Desktop 

♦  5799 


Industrial-strength 


The  Smart  Choice  for 
Text  Retrieval®  since  1991 


Network 

Sfnom  $800 
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Need  SSH  Console  Mana 


J1 

SSH  or  Out-Band  Access  ti 
Consoles  at  Remote  Locations 


western  telematic  incorporated 


m\^°a 


(800)  854-7226  •  www.wti.com 


The  SCM-16  Secure  Console  Management  Switch  provides  in-band  and 
out-of-band  access  to  RS232  console  ports  and  maintenance  ports  on  UNIX 
servers,  routers  and  any  other  network  elements  which  have  a  serial  console 
or  craft  port.  System  administrators  can  access  serial  maintenance  ports 
over  the  network  via  SSH  connections  and  simple  menu-driven  commands, 
or  through  a  discrete  TCP  port  connection  mapped  directly  to  one  of  the 
SCM-16  serial  outputs. 


Visit  website  for  complete  NetReach™  product  line. 


■  Secure  Shell  (SSHv2)  Encryption 

■  Simultaneous  SSH  or  Telnet 

■  Non-Connect  Port  Buffering 

■  SYSLOG  Reporting 

■  SNMP  Capability 

■  Any-to-Any  Port  Switching 

■  IP  Security  Features 

■  10/100  Base-T  Ethernet  Port 

■  Port-specific  Password  Protection 

■  Data  Rate  Conversion 

■  11 5/230 VAC  or  -48VDC  Models 


Why  use  1 3U  when  you  can  just  use  1  ? 


Introducing  APC's  Rack-mount  LCD  Monitor 

As  floor  space  in  your  IT  environment  becomes  more  expensive  and  difficult  to 
allocate,  you  need  to  utilize  your  rack  enclosure  space  as  efficiently  as  possible. 

A  traditional  CRT  monitor,  monitor  shelf,  keyboard,  and  keyboard  drawer  take  up  to 
13U  of  your  valuable  rack  space.  An  APC  rack-mount  LCD  monitor/keyboard  drawer 
offers  you  the  same  functionality  while  using  only  1 U  (1 .75")  -  leaving  you  with  up  to 
12U  of  valuable  space. 

FEATURES  INCLUDE 


A  full  size  keyboard  with  1 04  full 
travel  keys  and  integrated  number 
pad 

An  integrated  trackball  to  eliminate  the  need 
for  an  external  mouse 


On-screen  display  (OSD) 
adjustments 


1024  x  768  resolution  for 
exceptional  image  quality  for  most 
server  applications 


Active  matrix  TFT  displays  that  emit  less 
heat  and  use  less  than  half  the  power  of 
comparable  CRT  monitors 


Ability  to  connect  to  a  server  or  KVM 
switch  via  a  standard  VGA  connector 


. 

|  ^^^J^ViSfUittpJ/promtupcxom  Key  Code  m316y  •  Call  888-289-APCC  x6574  •  Fax  401-788-2797 

©2003  American  Power  Comraswn  Corporation  All  Trademarks  are  the  property  of  their  owners  E-mai!'PSupport@apct  com  •  1 32  Fairgrounds  Road.  West  Kingston.  Rl  02892  USA  J 
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With  over  15  million 
satisfied  customers,  APC's 
Legendary  Reliability' 
guarantees  peace  of  mind. 


jpa,  vHjhupg* 

Legendary  ReiiaouTv 
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10/100  BaseT  Ethernet 

IP  for  HTML,  SNMP  & 
Telnet  Management 


RS-232 
Serial  Management 


Link  Port 

(daisy  chains  to) 

Expansion  Module 


Power  Tower  XL 

•  Outlet  Grouping  across 
power  circuits 

•  Input  Current  Monitor 

•  New  HTML  GUI 

•  Power-up  Sequencing 

•  Zero  U  vertical  and  Rack- 
mount  horizontal  models 

•  Add  a  second  Power  Tower 
to  manage  32  power-ports 


'  ^  Sentry  Power  Tower. 
?fefquiprnent  Cabinet  Solutions. 

■«i? :  '  : ' 

Server  Technology,  Inc. 

. . . ■  _  'Wk  *  '■  ;•)  '*■■!  .  - 

1040  Sandhill  Drive  Reno,  Nevada  8951 1  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 


Intrusion  Prevention 
for  Microsoft  Web  Servers 


SecurellS™  Web  Server  Protection 


•  Requires  No  Signature  Database  Updates  •  Shields  Against  All  Classes  of  Attack 

•  Simple,  Powerful  GUI  •  Protects  Without  Disabling  IIS  Functionality 

•  Central  Policy  Management  •  RFC  Compliancy  Checking 


Download  a  FREE  Whitepaper  and  FREE  Trial  of  SecurellS: 
www.eEye.com/FreeSecurellS  or  call  866.282.8276 


SecurellS  delivers  proven  security  for  blocking  known  and 

<G> 

unknown  attacks  from  penetrating  Microsoft  IIS  servers. 

eEye®  (Digital  Security 

SENSAPHONE® 

irvis-aaaa 


Sends 

SNMP 


Monitors 

64 


Embedded 

Web 


Sends 

E-Mail 


Power 

Outage 


Internal 

UPS 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Phonetics,  Inc. 

Tel:  877-373-2700 

901  Tryens  Road 

www.ims-4000.com 

Aston,  PA  19014 

►  Largest  warehouse  of  used  Cisco 

►  Highest  quality  and  lowest  prices 

►  Over  5000  satisfied  customers 


Call  or  email  for  a  fast  quote. 
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SERVER  ROOM 

Temperature 

Sensors 

M  u  I  tlple  Models  I  nc]  u  dine: 


...  T»l- 100 


THL-100 

(Battery  powered) 

THL-100  AC/ DC 

(Continuous  monitoring) 

THL-100  AC/DC  Plus 

(Email  alarms) 

►  Records  Temperature,  Humidity  &  Light 

►  Time  Stamped  Data  for  Detailed  Analysis 

►  Windows-based  SmartSensor  Software 
•  Data  or  graphical  view 

•Easily  exports  to  common  spreadsheet 
software 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


NEW 


WR6A.NET 


/ 

W' 


USED 


50%-90%  Discounts 

Cisco  Livingston  Ascend  Lucent 
3Com  US  Robotics  Kentrox 
Adtran  BayNetworks  Xyplex 
Racketeer  Computone  Patton 
Extreme  Networks 

Modems  /  DSU  /  Muxes 

IBM  UDS  Codex  Hayes  GDC 
Micom  Microcom  Paradyne 
ATT  MultiTech  Penril 
Racal  Telebit  Zoom 

BUY  AND  SELL 

800-699-9722 

www.wrca.net 
AS5x  VOIP /EXS  2000 


iruivii 

See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  goods.  Gifts 
Pens.  Clocks.  Lighters.  Games 

www.suitcase.com 


CISCO  NORTEL 

NEW  •  REFURB  /  BUY  •  SELL 


4JJE? 

Truckload 


Cisco  Sfstms 


NGRTEL 

NETWORKS 


Sale 


Bay  Networks_ 

Fax  Equipment  List  To  801-377-0078 


888-8LANWAN 

Call  for  Free  Quote!  (888-852-6926) 


I  ’JVoJjJjJjJy;  I>J. 

m 

'M  \ 

Contact  these  companies  today  to  help  you  with  your  training  needs! 

|  MeasureUp 

(678)  356-5000 
|  www.measureup.com 
Certification  Practice  Tests 


Transcender 

(615)  726-8779 
I  www.transcender.com 
Award-winning  practice  exams 
for  IT  certification 


Learnkey,  Inc. 

(800)  865-0165 
I  www.leamkey.com 
Self-paced  online  CD  network 
certification  developer  bus/apps 


CBT  Nuggets 

(888)  507-6283  &  (541)  284-5522 
|  www.cbtnuggets.com 
inexpensive  training  videos  on  CD. 

MCSE,  MCDBA,  MCSD,  Cisco  CCNA,  Linux,  A+,  Net+ 


IPexpert,  Inc. 

(866)  225-8064 
I  www.ipexpert.net 
CCIE  (R&S,  SEC,  and  C&S),  CCSP, 
CCNP,  CCNA,  and  IP  TELEPHONY 


io  You/  Jlijjjjj 
£]JJ  fju:J \)h  :)1 

000) 


NetWOfkWortd  NetSmart  Learning  Partner 


ph:  +  140: 

OptimumDatalnc.  ^ ax '  +  ^  ^ 

wrww.optimumdata.com 

p  r~ 

We 


toll  free  800  879  8795 
ph:  + 1  402  575  3000 
fax: +1  402575  2011 


1 20  Day  \ 

Cisco  •  Paradyne  •  ADTRAN  •  Sun  •  Extreme  Netwb 


Systems/Features/Memory 


CISEO 

EQUIPMENT 

Also  Available:  Wellfleet,  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

In  Stock  •  Fast  Delivery  •  No  expedite  Charges 


COMSTAR,  INC. 

The  m  Network  Remarketer 

952 • 835 • 5502 

Fax  9S2«8S5»1927  E-Mailsales«comstarlnc  com 


Advertise  in  the  Marketplace 
and  watch  your  sales  come 
pouring  in! 

Call  Direct  Response  Advertising 
1-800-622-1108 


Lead  Software  Development  En¬ 
gineer  (Denver)  -  Lead  in  the 
team  effort  to  design,  develop, 
code,  test  &  debug  new  complex 
software/make  significant  en¬ 
hancements  to  existing  complex 
software  using  Knowledge  of 
C/C++.  Java,  SQL;  UML,  SCM; 
Oracle,  PL/SQL,  Pro*C;  client- 
server  programming  &  database 
design;  &  Unix  programming. 
Lead  review  of  input  for  docu¬ 
mentation  of  new/existing  soft¬ 
ware.  Apply  existing  &  introduce 
new  &  approved  technologies  to 
develop  solutions  using  C/C++, 
PL/SQL.  rule-based  systems  on 
a  Unix  platform.  Lead  others  in 
the  application  of  principles,  the¬ 
ories  &  concepts  &  use  of 
methodologies,  tools,  documen¬ 
tation  processes  &  test  proce¬ 
dures  to  complete  projects  in¬ 
cluding  Magic  Solutions  &  other 
business  process  automation 
applications.  BS  Comp  Sci,  Eng. 
or  related.  5  yrs.  related  experi¬ 
ence,  $93, 800/year,  M-F  8-5, 
detailed  working  knowledge  of: 
C/C++/Java/SQL,  UML.  SCM 
design/development  tools,  Orac¬ 
le,  PL/SQL,  Pro*C,  Client-server 
programming,  Unix  program¬ 
ming.  Application  by  resume 
only  to  CODOL,  Two  Park 
Central.  Suite  400,  1515 

Arapahoe  Street,  Denver,  CO 
80202;  Ref  job  CO5049367. 


IT  Positions:  (St.  Louis,  MO): 
Programmer  Analyst:  Develop  multi 
-tier  busi./mgmt  info  syst.  and  per¬ 
form  data  modeling/recon. in  AS/ 
400/1 LE  environ,  using  OO,  CL  pro¬ 
gram.,  RPGIV,  PDM,  RUL,  SDA, 
and  SQL400. 

Test  Analyst:  Complete  testing  life 
cycle  of  GUI/Web-based  appls.  w / 
test  scripts  using  SQA  /Rational 
Robot,  setup  data  on  AS/400  and 
testing  populated  data  in  Informix 
db  on  UNIX  w/  SQL  query,  post 
beta  release  issues  and  QA 
process. 

DBA:  Design/implement  terabyte- 
size  relational  Informix  db  on  HP- 
Unix.  SUN  Solaris  &  IBM-AIX;  db 
structures/objects/logic  design;  RD¬ 
BMS  backup/recovery  strategy; 
tuning/security  w /  Informix  4GL, 
VERITAS  Netbackup,  Shell  scripts, 
C,  and  ESQL/C. 

Require  BS/BA  or  the  equivalent  in 
Comp.  Sc.,  Engr.  MIS.  or  in  a  close¬ 
ly  related  field. (will  accept  equ. 
exp  )  plus  min. 6  mon.  exp.  in 
offered/related  position,  and  must 
be  able  to  perform  all  the  duties  on 
the  day  of  employment.  Full  time/ 
competitive  salary.  Resume  to: 
Crawford  Group.  Inc.  at 
spiatt@erac.com  Include 
"ComputerWortd"  in  the  subject 
line  NOCALL/EOE. 


Software  Dev.  Co.  req.  Software 
Engr  Duties  incl  :  Take  an  active 
role  in  the  development  and 
maintenance  of  Object  oriented 
multi-threaded  SC  ADA  software. 
Software  Fngineer  will  develop 
software  requirements  specifica¬ 
tions,  functional  specifications, 
software  destgn  documents  and 
test  documents.  Design  develop 
and  implement  ladder  logic  and 
device  driver  using  MODBUS. 
SNP-X.  IEC  870  protocol  for  PLC. 
Kncwiedge  of  GUI  implenienta- 
tions  is  required  for  both  the 
designing  and  debugging  of  code 
using  VC++  Perform  database 
design .  deveioo.  maintain  and 
Implement  database  scnpts, 
stored  procedure  and  tnygers  for 
SQL -Server  end  MS-ACCESS. 
On-site  implementation  of  HMI 
software  Job  to  be  performed  at 
Frederick  ,  MD,  and  at  venous 
unanticipated  client  sites  through¬ 
out  the  U  S.  Resp  to  IT  Director 
Engineering  Systems  Solutions. 
Inc  5726  Industry  Lane. 
Frederick.  MD  21704. 


Senior  Software  Engineer 

Develop  complex,  multi-tiered  ap¬ 
plications,  especially  Internet  ap¬ 
plications  &  to  design  &  trouble¬ 
shoot  at  all  stages  of  development. 
Interact  w/customer  to  understand 
&  deal  w/any  potential  complica¬ 
tions  or  special  requirements.  In 
developing  application,  must  for¬ 
mulate  &  develop  application  de¬ 
sign  using  object  oriented  analysis 
&  design  techniques,  develop  & 
deploy  design  under  operating 
systems  UNIX  or  NT,  as  well  as 
conduct  application  engineering  & 
assist  customers  in  writing  applica¬ 
tions  using  assorted  tools.  Posi¬ 
tion  requires  extensive  amount  of 
travel  in  N.  American  region. 

Rqrs:  MS  in  CS,  Engineering,  or 
related  or  equivalent.  A  BS  w/5 
years  of  post-baccalaureate  pro¬ 
gressive  experience  will  substitute 
for  a  Master’s  degree.  Requires 
extensive  knowledge  in  server  side 
Java  or  C++;  extensive  knowledge 
in  developing  in  UNIX  or  NT;  ex¬ 
tensive  knowledge  in  development 
using  object  oriented  analysis  & 
design  techniques;  knowledge  of 
J2EE  standards,  including  EJB. 
JSP,  Servlet  Programming,  JNDI, 
&  JBDC;  knowledge  of  e-com¬ 
merce  projects;  knowledge  in 
XML;  &  knowledge  of  directory  ser¬ 
vices.  8:30a. -5:30p.  40  hrs/wk. 
$115,000/yr.  Submit  2  resumes  to 
Case  #  200200417,  Labor  Ex¬ 
change  Office,  19  Staniford  St,  1st. 
fl„  Boston  MA  02114. 


Software  Engineer 

Must  design  &  develop  complex 
enterprise/distributed  systems 
for  the  Internet  using  Java,  sup¬ 
porting  technologies  &  tools; 
analyze  software  requirements 
to  determine  feasibility  of  design 
within  time  &  cost  constraints; 
assist  in  planning,  development, 
&  modification  of  any  existing 
application;  develop  &  direct 
software  system  testing  proce¬ 
dures,  programming  &  docu¬ 
mentation;  &  consult  with  cus¬ 
tomer  concerning  issues  of  a 
software  system.  Rqrs;  BS  in 
CS,  E,  or  related  w/2  years  soft¬ 
ware  industry  experience.  Rqrs 
experience  in  Java  Program¬ 
ming  Language;  real-world  ex¬ 
perience  designing  &  building 
Multi-Tier  enterprise  applica¬ 
tions,  Object-oriented  design,  & 
relational  databases;  &  experi¬ 
ence  w/either  weblogic  applica¬ 
tion  server  or  IBM's  websphere 
Application  server.  Good  com¬ 
munication  skills  are  a  must. 
1 0:00a. -6:00p.  40  hrs/wk. 

$74,000/yr.  Submit  2  resumes 
to  Case  #  200201855,  Labor 
Exchange  Office,  19  Staniford 
St,  1st.  fl„  Boston  MA  02114 


Prog/ Analysts  to  -  analyze, 
design,  test  client  server/web 
appls  with  OOAD  methodologies 
using  Java,  VB,  EJB,  Servlets. 
J Script,  XML.  HTML.  Oracle. 
SQL,  JDBC,  Access.  Weblogic, 
etc  in  Windows  OS;  analyze 
business  processes,  determine 
reqs,  generate  reports;  docu¬ 
ment.  maintain,  debug,  test,  per¬ 
form  code  optimization;  OR  - 
analyze,  develop,  maintain  s/w 
appls  using  Oracle  Appls, 
Oracle.  PL/SQL,  Dev  2000,  etc 
under  Windows/UNIX  OS;  con¬ 
duct  functional  testing/debug, 
perform  data  conversions,  cus¬ 
tomize  Forms/Reports  using 
Oracle  Appls  standards;  docu¬ 
ment.  maintain  &  update  dev 
process.  Require;  BS  or  for¬ 
eign  equiv.  in  CS/Engg  (any 
branch)  or  related  field  &  2yrs 
exp.  in  IT.  High  salary  Travel 
involved.  F/T.  Resume  to:  HR, 
Bahwan  Cybertek  Tech¬ 
nologies.  Inc.,  209  West  Central 
Street,  Ste  312,  Natick.  MA 
01760. 


ASP  Web  Dvlpr  wanted  by 
Multi-Nat'l  Mktg  &  Ad  Co.  in 
Detroit.  Oversee  prgmng  for 
database  web  projects  using 
ASP;  review  site  specs,  meth¬ 
ods  &  technology;  ensure  pro¬ 
ject  deliverables  are  complet¬ 
ed  to  standard;  create  appli¬ 
cations  to  support  multi-plat¬ 
form  deployment;  trouble¬ 
shoot;  eval/specify  hardware; 
mng  systs  interface.  Bach  in 
Comp  Sci  or  Engineering  & 
2yrs  in  job  offered  req.  Re¬ 
spond  to:  HJ/HR  Dpt,  PO  Bx 
4241,  GCS,  NY  10163. 


Computers  -  Citigroup,  Inc. 
(Stamford,  CT)  seeks  Software 
Engineers/Developers,  Prog. 
Analysts/Admins,  Project  Mgrs,  DB 
Architects,  QA  Engineers  w/BS  or 
MS  in  Comp.  Sci.  Engineering, 
Math.  IT  Electronics.  CIS,  MIS,  Bus. 
Admin,  or  related  quantitative  field 
or  equiv.  combo,  of  work  exp.  & 
educ.,  &/or  exp.  in  any  above  or 
similar  positions.  Exp.  in  any  of  the 
following:  UNIX,  AIX,  Sun/Solaris, 
PL/SQL,  Sybase.  Oracle.  C++. 
ProC,  VB,  ASP.  Visual  Interdev, 
Java,  JavaScript,  Oracle.  Netscape, 
MS,  IIS,  Shell  Scripting.  HTML.  Fox 
Pro,  Perl,  Windows  NT,  Networking, 
Security  tools,  QC,  Encryption 
Tools,  CASE  tools,  e-Commerce 
technologies.  Forward  resume  to 
Attn:  DT,  100  First  Stamford  Place, 
Stamford,  CT  06902.  No  calls  or 
faxes,  please,  EOE.  M/F/D/V. 


Applications  Systems  An¬ 
alyst  wanted  by  Lux  Resort 
&  Casino  in  FL.  Analyze, 
design/redesign,  dvlp  & 
support  internet  initiatives 
&  web  pgs;  install  &  sup¬ 
port  server;  work  w/team  to 
dvlp  corp  intranet;  dvlp 
custom  appl  based  inter¬ 
faces.  Bach  in  Comp  Sci  & 
2yrs  exp  in  job  offered  req. 
Respond  to;  Recruitment 
Mngr/Kerzner,  1000  S  Pine 
Island  Rd,  Plantation,  FL 
33324. 


Kama  Consulting  Inc. 
TOP  $$'s,  W2  or  1099 

We  are  a  fast  growing 
Consulting  company  based 
in  New  Jersey. 
Excellent  opportunities  for 
Programmers, 

Systems  Analysts,  DBAs. 

Sun  Solaris  System  Admins, 
Natural,  Webshere, 
ADABAS,  ORACLE,  SYBASE, 
PROGRESS,  COBOL,  C++ 
TCP/IP,  Delphi/VB,  Windows  NT 

Send  your  resume  to 
Rod  McFadden 
Kama  Consulting 
Fax:  704-896-9660 
Email:  rod@kamaco.com 


PROGRAMMER  ANALYSTS  for 
Mt.  Prospect,  IL  office.  Develop 
&  maintain  software  applications 
using  Oracle,  SQL  Server.  Er¬ 
win,  Linux.  Sybase,  XML,  UML. 
Interwoven,  Coolgen.  Clear- 
Case,  ClearQuest,  Plumtree, 
PVCS.  UNIX.  Bachelors  Degree 
reqrd  in  Computers,  Engin¬ 
eering.  Math  or  related  field  of 
study  +  2yrs  of  related  exp.  40 
hrs/wk:  Must  have  legal  authori¬ 
ty  to  work  permanently  in  the 
US.  Send  resume  to  HR 
Manager,  Magnum  Technol¬ 
ogies,  Inc.  1000  Arbor  Court,  Mt. 
Prospect,  IL  60056. 


Sr.  Software  Engineer  (with 
Bachelors  degree  and  5  years 
experience)  -  West  Chester, 
OH.  Job  entails  and  requires 
experience  in  design  and 
development  of  applications 
using,  Oracle,  Visual  Basic,  12 
Demand  Planner,  PL/SQL, 
Perl  Script  and  Unix. 
Relocation  within  USA  possi¬ 
ble.  Attractive  compensation 
package.  Send  resume  to 
Catherine  Fanucchi,  SDG 
Corporation.  65  Water  Street 
Norwalk,  CT  06854. 


BitsOfCode  Software  Sys¬ 
tems,  Inc.  (Katy,  TX)  is  seek¬ 
ing  System  Analysts.  6  mon. 
exp.  using  C#,  C++,  C,  Java, 
TIBCO,  FIX,  FiXML,  XML/ 
XSLT/DHTML,  J2EE/Swing, 
TOPS  Financial  Modules, 
Reuters/Tibco  Market  Feeds, 
JRun,  COM/DCOM/ActiveX, 
JNI,  JDBC,  Excel  VBA,  Or¬ 
acle,  SQL,  Javelin  Appia,  B2B 
Fix,  JBuilder  and  Weblogic. 
B.S.  required.  Send  resume 
to  22523  Westbrook  Cinco 
Ln,  Katy,  TX  77450.  888-423- 
4993(F)/281  -693-2633(T). 
Attn:  Joseph  Koothrappally. 


System  Admins,  to  analyze, 
design/develop  appls  using 
Lotus  Notes.  Lotus  Script. 
JScript,  HTML.  XML.  Oracle. 
MS  SQL  Server,  etc  under 
UNIX/Windows  OS:  install, 
administer/configure  Lotus 
Notes  R4/R5.  Domino  R6, 
Windows  NT;  maintain  backup, 
schedule  maintenance,  adminis¬ 
ter  user  accounts,  provide  user 
support  for  network  problems. 
Require:  B.S.  or  foreign  equiv  in 
CS/Engg(any  branch)  with  2  yrs 
exp  in  system  admin.  High 
Salary.  F/T.  Travel  involved. 
Resume  to:  HR,  Salem 
Associates,  Inc.,  405,  6th  Ave.. 
Ste  1 02,  Des  Moines,  IA  50309. 


Paradigm  Infotech  is  looking  for 
programmer/system  analysts, 
s/w  engineers.  Candidate  must 
have  BS  with  at  least  one-year 
IT  experience.  Good  skills  in 
C/C++,  Java,  Oracle,  WebLogic, 
VB,  HTML.  ERP  are  plus. 
Traveling  is  required.  Apply 
jobs@paradigminfotech.com. 
EOE 

Synova  Inc  is  seeking  profes¬ 
sionals  with  following  skills: 
Programmer/System  Analysts, 
Engineers  in  Mainframe,  Web 
Tech,  Technical/functional  (SAP 
&  Peoplesoft),  Java,  VB, 
Rational/RUP,  UML,  J2EE,  Unix 
DBA,  Oracle,  SQL  DBAs. 
Respond  to: 
ads@synovainc.com 


System  Analyst  wanted  to 
analyze  data  processing 
problems  for  application  to 
electronic  data  processing 
systems;  analyze  user  re¬ 
quirements,  procedures, 
and  problems  to  automate 
or  improve  existing  sys¬ 
tems,  and  related  duties. 
BS  in  CS  or  in  Electrical 
Eng.  2  yrs  exp  Required. 
Send  resume  to  Advanced 
Control  Systems  Corp.,  35 
Corporate  Park  Dr., 
Pembroke,  MA  02359. 


Sr  Software  Engineer 
(Monrovia,  MD)  for 
s/ware  product  co. 
Reqs:  Bach  degree  in 
Comp  Sci/Comp  Eng 
or  EE  &  5  yrs  exp  in 
job  offrd  or  relatd. 
Send  resume  to: 
Qovia  Inc.,  4937-D 
Green  Valley  Rd,  Unit 
4,  Monrovia,  MD 
21770,  attn:  Lance  C. 


Engineering  Programmer 
sought  to  convert  engi¬ 
neering  formulations  into 
computer  programs  to  be 
used  for  oil  drilling  equip¬ 
ment.  Program  and  cus¬ 
tomize  drilling  rig  systems 
to  meet  the  clients'  needs, 
and  perform  related 
duties.  B.S.  in  Computer 
Science  and  experience 
required.  Send  resume  to 
EMER  International,  Inc., 
19424  Park  Row,  Suite 
104,  Houston,  TX  77084. 


THE  WORLD’S  BEST 
IT  TOOL  IS  IN 
YOUR  HANDS. 


THE  WORLD’S  BEST 
IT  TALENT  IS  AT 
OUR  SITE. 

WHAT  ELSE  WOULD  YOU 
EXPECT  FROM  THE  ONE  AND 
ONLY  CAREER  RESOURCE 
FOR  READERS  OF 
COMPUTERWORLD, 
INFOWORLD  AND 
NETWORKWORLD? 


COME  ON, 

RECRUIT  OUR  READERS 
AND  YOU’LL  RECRUIT 
LESS  OFTEN 

www.itcareers.com 
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Easy  Access  To  Your  Technology 


Count  on  Ergotron 
for  convenient 
access  to  your 
servers,  monitors 
and  cables. 


•  Superior  cable  management 

•  Flat  panel  and  CRT  monitor  arms 

•  4,500  lbs  weight  capacity 

•  Highly  modular  components 


Call  1-800-888-8458  or  visit 

http://solution.ergotron.com 


Universal  Rack-  Quik-Touch* 

mount  Enclosures  Cable 

Management 


Computer 

Carts 
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ERGOTRCD 


High  power  densities  can  create  hot 
spots,  which  cause  equipment  fail¬ 
ures  and  expensive  downtime. 


Traditional  data  centers  are 

built  out  for  future  capacity 
and  require  a  large  amount 
of  floor  space.  Hot  spots  are 
common. 


UrtraStruXuie  Architecture 


InfraStruXure'  lets  you  build 
out  capacity  as  required  and 
deliver  cooling  directly  where 
needed  Reclaim  an  average  of 
20%  usable  space. 


Are  you  really  as  dense 
as  we  think  you  are? 


As  racks  become  increasingly  populated 
with  thinner,  deeper  servers,  high  power 
densities  in  your  server  room  or  data 
center  can  create  havoc,  from  early 
equipment  failures  to  expensive,  forget- 
about-y our- job- security  downtime. 

Introducing  InfraStruXure"*  architecture, 
the  industry's  only  patent-pending,  net¬ 
work-critical  physical  infrastructure. 
InfraStruXure"  lets  you  target  power  and 
cooling  precisely  where  your  mission-crit¬ 
ical  applications  live — the  rack  enclosure. 


lnfraStru>\ure 


$Cu, 


Open,  adaptable  and  integrated 
architecture  for  on-demand 
network-critical  physical  infrastructure 


Which  means  you  can  target  availability, 
pay  as  you  grow,  adapt  to  change,  and 
maximize  efficiency  while  minimizing 
installation,  operating,  service,  and  main¬ 
tenance  costs. 


And  because  InfraStruXure  architecture 
uses  a  modular,  manageable,  pre-engi- 
neered  approach,  you  can  select  standard¬ 
ized  components  to  create  your  own  cus¬ 
tomized  solutions. 


In  times  like  these,  it  pays  to  think  smart. 
For  more  information  on  InfraStruXure’s 
open,  adaptable,  integrated  approach  to 
network-critical  physical  infrastructure, 
visit  us  online  today  at  www.apc.com. 


Legendary  Reliability* 


s 


FREE wiwe paper -Avoi*^ cosb  tram  j0  onjer  yjsjt  htto://promo.apc.com  K ey  Code  m174y 

Overaang  Data  Center  and  Network  Room  „  r  r  • 

Infrastructure'  and  Free  InfraStruXure' Brochure.  Cflll  888"289_APCC  X2889  •  FflX  401 _788“2797 
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Strength,  Stability,  and  Flexibility 

All  at  a  price  that  won’t  break  your  budget  ! 


The  NetWorkCenter  Racks 
Offer  You: 

•  In  Stock  Availability 

•  Easy  Set-Up 

•  Incredible  Strength 

•  Functional  Design 

•  Savings  up  to  30% 


Contact  us  today  and  see  why 
people  have  been  saying  for 
years  that  the  NetWorkCenter 
is  the  best  rack  that 
money  can  buy. 


AMERICAN 

www.networkcenter.com  network  products 


Get  More  Computers  in  Less  Space 

in  10  Days  or  Less 

Now  you  can  stack  computers  3  levels  up  to  7  feet 
high.  With  cable  channels  at  each  level. 

We’ll  design  maximum  flexibility  into  your  available 
space.  Tell  us  what  space  and  what  equipment, 
and  we’ll  give  you  a  3-D  PLAN  AT  NO  CHARGE! 

Choose  the  award-winning  ISO  9001  system  from 
Europe  or  a  typical  North  American  workhorse. 

You  can  receive  your  order  in 
5-7  business  days.  G  s  A  GS29F269H 

I.S.O.  9001  CERTIFIED 
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Bin 


COOLIT  2000  Series 


cj urm 


Plug  and  cool  -115  V. 


Portable  -  Compact  -  Self-Contained 


ADAPT 


\vur  Spa!  C  uo/ihk  W.  Ktusis 


800-243- COOL 


FREE  Cooling  Analysis  Guide  ONLINE! 


www.CoolestSpot.com 


Online  ordering 
next  day  shipping 


Quality  Products  &  Services 
from  the  best  injie  industry 
24-Hour  R^aiMService 


> 


Sales,  Re^irs^*  Maintenance 

SUN,  ATL,  Exabyfre^mantum,  DEC,  Compaq,  Dell 

4mm,  8mm,  DLT  Tape  Drives 
and  Tape  Libraries 


Web  site:  www.wccx.com  email:sales@wccx.com 
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www.salixgroup.com 

COMPUTER 

SECURITY 


u 


Be  careful  out  there” 


Custom  fire  “rooms” 
and  “vaults”  available 


DATA  SAFE 


MIXED 
MEDIA  FILE 

For  paper  and 
computer  media 


Store  diskettes,  tapes  and  cartridges  - 
in  a  DATA  SAFE 


Store  paper  documents  and  computer 
media  in  the  new  mixed  media  safes 
and  files 


Both  units  protect  valuable  records 
from  fire,  water,  smoke,  humidity, 
sunlight,  vandalism  and  theft 

Units  are  available  in  various  sizes 


THE  SALIX  GROUP  1-800-668-9319  ext.  201 


(please  turn  over) 


Strong  Solutions  from  American  Network  Products 


When  it  comes  to  computer  racks  and  cabinets  you 
get  what  you  pay  for.  After  investing  thousands  of 
dollars  into  your  system  hardware  why  settle  for  a 
cheap  rack?  The  NetWorkCenter  is  designed  to 
give  you  maximum  strength  and  design  flexibility. 
Moderately  priced,  this  system  is  the  solution  you 
can  rely  on  for  years  to  come. 


VISIT  OUR  WEBSITE 

to  find  out  more  about  our  entire  line 

of  rack  solutions. 


AMERICAN  NETWORK  PRODUCTS 

For  more  information  call  508-867-3801  or  e-mail  us  at  amnetpro@aol.com 
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www.networkcenter.com 


- ! - 

SUN  Microsystems 

Used  &  Refurbished 

Workstations  &  Servers 


Sell 

Buy 

Rent 


Repair 

HotSwap 


V. 


Immediate  Delivery  ! 


West  Coast  Computer  Exchange,  Inc. 
11167-A  Trade  Center  Drive 
Rancho  Cordova,  CA  95670 
Call  916-635-9340  or  fax  916-635-9485 
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consider 

THIS 


If  your  EQUIPMENT  goes  down, 
so  does  your  business. 


YES!  My  equipment  needs  COOLIT  Cooling! 

Please  □  Send  □  Fax  □  Email  me: 


□  Cooling  Analysis  Guide 

□  Product  Literature 

□  Current  Pricing 

My  need  is  □  Immediate  □  3-6  Months  □  File  Only 


Name 


Company _ 

Address _ 

City,  State,  Zip 
Phone  _ 


E 

o 

o 


o 

Q. 

V) 


o 

o 

o 

s 


Fax 


Email 


Fax,  Mail  or  Email  Today! 

Fax  540-622-2634 

Email  nww@coolestspot.com 


PLACE 

STAMP 

HERE 


Hoi  Spots  are  History  with... 

ADAPT 

“Your  Spot  Cooling  Specialists ” 

AirPac  Technology  Park 
888  Shenandoah  Shores  Road 
Front  Royal,  VA  22630  USA 
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IT 


careers 


Programmers  to  analyze, 
design,  test  data  warehousing  / 
data  mart,  software  appls  and 
ETL  tools  like  Informatics  and 
Cognos.  Oracle,  MS  SQL 
Server,  Dev  2000  under 
Windows  OS  OR  analyze, 
design  buss./scientific  appls 
using  SAP  R/3,  ABAP,  VB, 
Oracle,  SQL  Server  on  UNIX/ 
Windows  envir.;  gather  and  doc¬ 
ument  reqs  from  user  communi¬ 
ty;  test/troubleshoot  project 
appln  code  according  to  system 
objectives.  Require:  B  S.  or  for¬ 
eign  equiv.  in  CS/Engg  (any 
branch)  and  6  months  exp  in  IT. 
In  lieu  of  BS,  3yrs  of  academic 
studies  towards  a  Bachelors 
plus  1  yr  of  exp  in  IT  will  be 
acceptedHigh  salary  Travel 
involved.  F/T.  Respond  to: 
Smartsoft  International,  Inc., 
4898,  South  Old  Peachtree  Rd.. 
Ste  200,  Norcross.  GA  30071. 


ComSpec  International  is  look¬ 
ing  for  system/programmer  ana¬ 
lysts.  Duties  include  design  test 
data  and  test  plan,  use  Uniface, 
Oracle.  Access  XP,  Crystal 
Report.  Qualified  applicants 
must  have  BS  with  exp  as  soft¬ 
ware  developer.  Please  contact 
R  Brender@comspec-intnl  .com . 
EOE 

Corpus  has  multiple  openings 
for  IT  professionals  Following 
skills  preferred:  Oracle,  SQL, 
PL/SQL,  COBOL,  C/C++,  VB, 
SAP,  Java.  XML,  ERP,  ASP,  NT, 
XSL.  Minimum  BS  degree. 
Traveling  is  required  for  some 
positions.  Please  send  resumes 
to  info@corpuslnc.com.  EOE. 


Seeking  qualified  applicants  for 
the  following  positions  in 
Memphis,  TN:  Senior  Systems 
Programmer.  Devise  proce¬ 
dures  to  solve  complex  systems 
and  applications  problems. 
Requirements:  Bachelor's  deg¬ 
ree*  in  computer  science,  MIS, 
engineering  or  related  field  plus 
5  years  of  experience  in  sys¬ 
tems  programming.  Experience 
with  UNIX,  C  and  logistics  code 
development  also  required. 
"Master's  degree  in  appropriate 
field  will  offset  2  years  of  gener¬ 
al  experience.  Submit  resumes 
to  Sibi  George,  FedEx 
Corporate  Services,  1900 
Summit  Tower  Blvd.,  Suite  1400, 
Orlando,  FL  32810.  EOE 
M/F/D/V. 


Manager  of  Customer  Appli¬ 
cations  wanted  by  shipping 
and  container  co.  in  Tampa, 
FL.  Must  have  a  minimum  4 
years  exp.  as  a  Computer 
Systems  Analyst/Programmer 
Analyst  or  related  occupation, 
with  4  yrs.  exp,  with  AS400/ 
iSeries  programming  including 
CL,  RPG,  2  yrs.  exp.  using 
RPGIV/ILE  and  1  yr.  exp.  using 
Robot,  Implementer  and 
Hawkeye  Pathfinder.  Refer  to 
Job  #IMG100  Lykes  Lines 
Limited,  LLC  (CP  Ships),  401 
East  Jackson  St.,  Suite  3300, 
Tampa.  Florida  33602. 


Want  a  new 
IT  career? 


Check  out  our  jobs 
in  the  combined 


CareerJournal.com 


database. 


www.itcareers.com 


Programmer/Analyst  needed  for 
analysis  and  design  of  systems 
solutions  across  multiple  techni¬ 
cal  and  business  environments. 
Requires  3  years  of  experience 
in  job  offered  or  in  related  occu¬ 
pation  of  Programmer.  Exper¬ 
ience  must  include  3  years 
with  Visual  Basic  and  Oracle 
and/or  SQL;  and  2  years  with 
ASP  and  Javascript.  Salary 
offered:  $69,030.  Send  res¬ 
umes  to  Bureau  of  Labor  Stand¬ 
ards,  45  State  House  Station, 
Augusta,  Maine  04333-0045. 
Refer  to  job  order  #38081  for 
Programmer  Analyst. 


Prog/Analyststo  design,  devel¬ 
op/deploy  complex  appls  using 
Cold  Fusion,  Oracle,  Java, 
Jscript,  HTML,  SQL  Server,  Cold 
Fusion  App.  Server,  WebLogic, 
etc.  under  Windows  OS;  ana¬ 
lyze  functional  and  user  reqand- 
new  tech,  to  solve  business 
problems;  test,  troubleshoot 
and  debug  appls.  Require:  B.S. 
or  foreign  equiv  in  CS/Engg  (any 
branch)  field  with  2  yrs  exp  in  IT. 
High  salary.  F/T  position.  Travel 
Required.  Resume  to  HR. 
Smartsoft  International,  Inc., 
4898,  South  Old  Peachtree  Rd, 
Norcross,  GA  30071 


S/W  Enggs  to  analyze,  design 
develop  appls  using  C++,  Java. 
CORBA.  EJB,  JDBC,  JSP, 
Rational  Rose.  CGI,  SQL, 
Oracle,  Crystal  Reports, 
Weblogic  under  Windows/UNIX 
OS;  perform  project  scoping, 
project  planning  project  time/ 
cost  schedules,  quality  of  deliv¬ 
erables;  study,  evaluate  new 
tech/methodologies;  provide 
technical  guidance  for  complex 
user  problems.  Require:  MS  or 
foreign  equiv.  in  CS/Engg.  (any 
branch)  &  1  yr  exp.  in  IT.  High 
Salary.  F/T.  Travel  involved. 
Respond  to:  HR,  Unilinx,  Inc., 
4625  Alexander  Dr.,  Ste  110, 
Alpharetta,  GA  30022. 


Programmer  Analysts:  Plan,  de¬ 
sign,  develop,  configure,  code,  im¬ 
plement  &  analyze  computer  pro¬ 
grams  &  systems.  Modify  existing 
application  and  provide  systems 
support.  Analyze  users  requirement 
to  enhance  system  performance. 
Req.  Bachelor's  degree  or  equiva¬ 
lent  in  CS,  CE,  EE  (Electrical  or 
Electronic  and  Communication  En¬ 
gineering).  Must  be  proficient  in 
either  C++  ,  Oracle,  PowerBuilder, 
MCSE,  CCIE,  Unix  Shell-program¬ 
ming,  CrystalReports,  CCNA,  or 
Rational  Rose.  40hr/wk,  9:00  a.m  - 
5:00  p.m.  Send  resume  to  Think 
Development  Systems,  Inc.,  6292 
Lawrenceville  Hwy.,  Suite-C, 
Tucker,  GA  30084. 


Software  Engineers.  Analyze 
requirements,  formulate  design, 
test,  modify  and  develop  sys¬ 
tems/software  applns;  using 
MQ  Series,  Weblogic,  J2EE, 
RMI,  JMS,  JDBC,  JNDI,  JTA, 
TIBCO,  UML,  Netscape  Direct¬ 
ory  Server,  Oracle,  DB2,  PL/ 
SQL,  etc.  to  determine  feasibili¬ 
ty;  prepare  &  design  specs; 
develop  testing  procedures. 
Reqd.  BS  or  Equiv.  in  edu  & 
exp.  in  CS/Engg/Maths/related 
plus  2  yrs  exp.  Comp,  salary, 
send  resume  to  HR  Surecom 
Inc.,  82  West  Main  Street, 
Northboro,  MA  01532. 


Senior  Software  Engineer  (Port¬ 
land,  Oregon)  -  Responsible  for 
full  life-cycle  development  of  ob¬ 
ject-oriented  multithreaded  Win¬ 
dows  applications  using  Visual 
C++  to  provide  network  wide 
system  solutions  to  report  and 
control  network  consumption 
and  improve  end-user  response 
time.  Develop  algorithms  for 
Socket  based  TCP/IP  applica¬ 
tions  to  manage  distributed 
components  that  align  network 
consumption  for  customers 
needs.  Use  Layered  Service 
Provider  ("LSP")  technology  to 
implement  product  features. 
Must  have  Bach.  deg.  or  equiv. 
in  Comp.  Sci.,  Eng.  or  related 
field.  Must  have  5  yrs  of  exp.  in 
the  job  offered  or  5  yrs  in  a  posi¬ 
tion  involving  full  life  cycle  devel¬ 
opment  of  object-oriented  Win¬ 
dows  applications  using  Visual 
C++.  Exp.  mentioned  may  have 
been  obtained  concurrently  and 
must  include:  (i)  1  yrof  exp.  de¬ 
veloping  algorithms  for  Windows 
Socket  based  TCP/IP  applica¬ 
tions  to  manage  distributed 
components;  (ii)  2  yrs  of  exp. 
building  multithreaded  apps  for 
Microsoft  Windows  platform; 
and  (iii)  1  yr  of  exp.  implement¬ 
ing  product  features  using  LSP 
technology.  Must  be  legally 
authorized  to  work  in  the  U  S. 
Please  send  resume  to  S. 
Pandya  (REF:SSE),  Centrisoft 
Corp.,  707  Southwest  Washing¬ 
ton.  Suite  1200,  Portland,  OR 
97205. 


Applications  Support  Analyst,  On¬ 
tario.  CA.  Consult  w/  SAP  users  to 
identify  &  analyze  SAP  processes 
&  issues.  Redefine  SAP  process¬ 
es,  recommend  &  help  implement 
changes.  Change,  maintain  &  doc¬ 
ument  Warehouse  SAP  processes 
per  ISO  2000.  Assist  QA  Dept.  & 
processes,  &  act  as  Internal  ISO 
Auditor  for  Configuration  Ctr. 
"Write  up"  user  needs,  prog,  func¬ 
tions,  &  steps  to  develop/modify 
relevant  programs  &  syst;  prep, 
workflow  charts  &  diagrams  re 
same.  Help  resolve  work  problems 
re:  flow  charts,  project  specs,  pro¬ 
gramming.  BS  or  equiv  +  1  yr 
experience,  incl.  QA.  Fluent  SAP 
R/3,  AllClear,  Visual  C++  &  C++, 
HTML,  ASP.  Rational  Rose.  Send 
resume  to  VP,  HR.  En  Pointe 
Technologies.  100  N.  Sepulveda 
Blvd.,  19th  FI.,  El  Segundo,  CA 
90245. 


Programmers  to  analyze/ 
design  database  &  other  soft¬ 
ware  appls  using  Oracle,  SQL, 
Visual  Basic,  Active  X, 
FormBuilder  etc.  under 
Windows  and  UNIX  OS;  devel¬ 
op  system  spec;  enhance  and 
modify  existing  appls;  study, 
evaluate  new  tech/methodolo¬ 
gies;  provide  technical  guid¬ 
ance  for  complex  user  prob¬ 
lems.  Requires  B.S.  or  foreign 
equiv.  in  CS/Engg.  (any  branch) 
&  6  months  of  exp.  in  IT.  Apply 
by  resume  to:  HR,  Fourth 
Technologies.  Inc.,  585  Tollgate 
Rd.,  Ste  I,  Elgin,  IL  60123. 


Senior  Software  Engineer 
sought  by  legal  information 
services  co.  with  office  in 
Glendale,  CA.  Exp  in  VB, 
OOAD  methodology,  COM, 
UML,  DHTML,  XML,  ASP, 
C++/Java,  IIS,  ADO.  C#, 
NET,  Oracle,  Crystal  Reports 
and  SQL  Server.  Analyze, 
design,  develop,  test  &  sup¬ 
port  web-based  e-commerce 
applications  for  MS  Windows. 
Resumes  to  HR  Dept.,  CCH 
Legal  Information  Services, 
Inc.,  Ill  Eighth  Ave,  NY.  NY 
10011. 


Get  Ahead  In  Your  Career! 


Meet  Face-To-Face  With  Leading  Employers  At  The... 

GmeerhuR 


CHICAGO,  IL 

Tuesday,  July  29 

Navy  Pier 

600  E.  Grand  Avenue  •  Chicago,  IL  60611 

Partial  List  of  Employers  Includes:  ACE  Hardware 
Corporation,  ASAP  Software,  Blockbuster,  Computer 
Associates,  Drug  Enforcement  Administration, 
GlaxoSmithKline,  Liberty  Mutual,  Merck,  Northrop 
Grumman  Corporation,  Office  Depot,  Progressive 
Insurance,  SBC  Communications,  TransUnion,  U.S. 
Border  Patrol,  Verizon  Wireless  and  Wal-Mart  Stores, 


PHILADELPHIA,  PA 

Tuesday,  July  29 

Pennsylvania  Convention  Center 

12th  &  Arch  Street  •  Philadelphia,  PA  19107 

Partial  List  of  Employers  Includes:  American  Express 
Financial  Advisors,  ARAMARK  Healthcare  Support, 
Bed  Bath  S  Beyond,  Clear  Channel  Radio,  Clement 
Publishing  Group,  Comcast,  Daimler-Chrysler,  Federal 
Aviation  Administration,  FedEx,  Lockheed  Martin, 
Merck,  Progressive  Insurance,  Sovereign  Bank,  Takeda 
Pharmaceuticals,  Target  Stores  and  The  Pep  Boys. 


Exhibit  Hours  for  Both  Events:  11:30am  -  4:30pm  •  Free  Admission 

Employers  -  To  exhibit,  please  call  Gloriann  Clark  at  310-309-4409. 


For  the  latest  information,  visit  diversitycareerexpos.com. 


Trustek,  Inc.  Consulting  firm  is 
seeking  Software  Engg.  w/MS  & 
min.  1  yr.  exp.  or  equiv.  &  Prog, 
Analyst  w/BS  &  2  yrs.  exp.  or 
equiv.  Travel/Relo  required  any¬ 
where  in  US.  C,  C++,  NT,  UNIX, 
Shell,  Perl,  CGI,  Sybase,  .Net 
Studio,  VB.Net,  ASP.Net,  SQL 
Server,  WebPages,  JavaScript, 
VBScript.  CORBA,  HTML/ 
DHTML,  ASP,  CSS,  CPM/DCOM, 
COM+,  Crystal  Reports,  Archi¬ 
tecture.  Erwin,  Developer  2K, 
PL/SQL.  SQL'Plus.  Forms.  Re¬ 
ports,  Express,  Designer  2K, 
Star/Snowflake  Schema,  Model¬ 
ing,  Java,  JSP,  XML.  XSL.  XSLT, 
J2EE,  EJB.  WebSphere,  Web- 
Logic.  UML,  Rational  Rose.  JDK. 
Swing,  Struts.  Datawarehousing. 
ETL,  OLAP,  DSS,  Informatica 
(PowerCenter,  PowerMart).  Cog¬ 
nos  (Impromptu,  PowerPlay), 
Brio,  Business  Objects.  SUN. 
Solaris,  HP-UX.  ITO,  Veritas, 
EMC,  SAN,  OpenView,  Oracle 
Clinical.  ClinTrial,  SAS,  FDA  reg¬ 
ulations.  Validations,  Oracle 
Applications,  nQuery,  People- 
Tools,  PeopleCode,  PeopleSoft, 
SAP  R/3,  SapScript,  SmartScript, 
Idocs,  ALE.  EDI.  BASIS.  ABAP. 
BW,  APO,  ITS,  Adaytum,  Cognos 
Business  Suite. Software  Engin¬ 
eer  Position  applicant  should  also 
have  exp.  in  interface  w/hardware 
&  software.  All  applicants  should 
be  able  to  provide  functional 
implementation,  config,  train, 
analyze,  implement,  code,  test, 
backup,  install,  manage,  cus¬ 
tomize.  tuning.  AS-IS  study. 
Internet/Intranet  applications, 
stored  procedures,  triggers. 
Create  database  tools,  tables, 
files,  roles,  indexes,  space  man¬ 
agement  and  re-organize.  Apply 
w/resumes  to  Attn:  Recruiter.  2 
Ethel  Road,  Suite  202-C,  Edison. 
NJ  08817. 


ERP  Business  Process  Manager 


According  to  a  recent  poll  by  Computerworld,  that  included 
11,500  IT  employees,  Hershey  is  “The  best  place  to  work  if  you  are 
an  IT  Professional". 

We  are  currently  seeking  qualified  professionals  to  serve  as  SAP 
ERP  Business  Process  Managers.  The  key  responsibility  of  this  role 
is  to  act  as  a  bridge  between  the  Information  Services  Group,  and 
the  HR  and  Manufacturing  oiy>anizations,  working  primarily  on 
either  the  compensation  and/or  time  management  modules 
of  SAP  (2  open  positions).  In  this  role  you  will  be  responsible  for 
all  aspects  of  the  implementation  lifecycle  including:  complex 
business  process  design,  development  &  optimization,  SAP 
configuration,  strategic  direction  for  the  integration  of  various  SAP 
modules,  testing  and  the  training  and  development  of  customer 
and  junior  team  members.  You  will  also  be  responsible  for 
customer  relationship  management,  project  proposals,  leading 
budgeting  and  resource  planning  within  the  area  of  expertise,  and 
providing  overall  strategic  direction  regarding  the  deployment  of 
SAP  at  Hershey  Foods  Corporation. 

The  ideal  candidate  will  have: 

•  Bachelor’s  of  Science  degree 

•  Minimum  of  3  years  of  SAP  design  and  implementation 
and  a  minimum  of  10  years  in  Information  Services  or  an 
operational  business  area 

•  Ability  to  lead  solutions  within  a  functional/business 
process  area 

•  Knowledge  of  business  process  improvement  programs 
within  the  consumer  packaged  goods  industry  or  a 
related  field 

Various  IT  positions  also  available 
We  offer  401  (k)  and  slock  plans.  Please  apply  via  our  website  at: 

www.hersheys.com/careers. 

We  will  only  respond  to  those  individuals  who  will  be 
interviewed.  Equal  Opportunity  Employer  M/F/D/V. 


Hershey  Foods  I 


NW0307  U£  VS  WV  2 


Computerworld  •  InfoWorld  •  Network  World  •  July  14,  2003 


£r  -  A1  Engr.-  A$  member  of  SW  developmt.  team,  design  &  develop  SW  &  sustain  co.'s  cutting-edge  telephony  devices.  Will 
o-uop  &  enhance  serviceability  tools  &  participate  in  design  &  code  reviews.  Will  test  &  integrate  telecom  products  &  pro- 
v;de  *  r't'cal  bug  fixes  for  customers  In  addition,  will  provide  customer  SW  enhancements  &  use  programming/analytical  skills 
m  order  to  provide  services  for  debugging  Must  have  B.S.  in  Comp.  Eng'g,  Comp. Sci..  E.E.  or  equiv.  +  5  yrs.  exp.  in  the  job 
offered  or  5  yrs  progressively  responsible  post-grad  SW  developmt.  exp  (5yrs.  exp  must  include  at  least  2.5  years  exp.  w / 
"f.iecom  SW  development.)  In  the  alternative,  employer  will  accept  M  S  in  stated  fields  +  2  yrs  relevant  exp.  Must  have 
Knowledge  >n  at  least  one  of  the  following  telecom  protocols.  ISDN  or  SS7  Call  processing,  ATM  or  TCP/IP.  as  well  as  strong 
cooing  skills  in  C.  40  hrs/wk;  Salary  $92,833/yr  Send  2  copies  of  resume  to  Case  #200201602  and/or  200201644  ,  Labor 
Exchange  Office,  19  Stamford  St  1st  FI.  Boston  MA  02114. 

Sr  SW  Engr  -  Develop,  integrate,  maintain  &  test  complex  communication  protocols  including,  but  not  limited  to:  Sigtran. 
SS7/CCS7  &  ISDN  Participate  in  design  &  code  reviews  of  new  SW  &  modiftca'ns  to  exist'g  SW  Develop,  maintain  &  test 
telecom  applications  &  system  SW  responsible  for  configunng  &  controlling  the  system,  internal  communication  between  SW 
entities,  fault  tolerant  &  redundant  operation  of  SW  Analyze  &  document  computenzed  telecom  system  SW  reqs..  function¬ 
al  specs  .  architectural  specs  &  design  specs.  Must  have  M  S.  in  Comp.  Eng'g,  Comp.  Sci.,  E.E.  or  equiv.,  +  2  yrs.  exp.  in 
job  offered  or  2  yrs  exp  w/telecom  SW  development.  (Exp.  may  be  gained  before  or  after  M  S.).  In  the  alternative,  employ¬ 
er  will  accept  Bachelor's  degree  +  5  yrs  of  progressively  responsible  post-grad  SW  development  exp.,  including  2  yrs.  tele¬ 
com  SW  developmt.  exo.  Must  have  proficiency  in  C  programming,  as  well  as  knowledge  of  telecom  protocols.  40  hrs/wk. 
Salary  $92.833/yr.  Send  2  copies  of  resume  to:  Case  #200201646.  2002  Labor  Exchange  Office.  19  Staniford  St  1st  FI, 
Boston  MA  02114. 

Sr  SW  Engr  -  As  a  member  of  SW  developmt.  team,  design  &  develop  Element/Network  Management  SW.  Will  determine 
SW  developmt  process  best  practices  including  design  &  code  reviews.  Will  prepare  specs,  for  Element/Network 
Management  SW  Will  design  &  develop  Plexus  PlexView  Element  Manager  SW.  In  addition,  will  test  &  integrate  EM  SW 
w /  Plexus  9000  &  other  products  developed  by  the  company  as  applicable  Must  have  B.S.  in  Comp  Sci. /Eng’g. 
Electncal/Electronics  Eng'g  or  equiv.  +  3  yrs  exp.  in  job  offered  or  3  yrs.  exp.  in  SW  developmt.  Must  have  developmt.  exp. 
v//  element/network  mngmt.  SW  for  the  telecom  industry.  Must  have  exp.  develop'g  SW  applications  on  UNIX  platforms  using 
Java  and/or  C/C++  40  hrs/wk.  Salary:  $92,833/yr.  Send  2  copies  of  resume  to:  Case  #200201665,  Labor  Exchange  Office. 
19  Stamford  St  1st  FI.  Boston  MA  02114 

Sr  SW  Engr  -  As  member  of  SW  developmt.  team,  design  &  develop  SW  &  sustain  co.’s  cutting-edge  telephony  devices. 
Will  develop  &  enhance  serviceability  tools  &  participate  in  design  &  code  reviews.  Will  test  &  integrate  telecom  products  & 
provide  critical  bug  fixes  for  customers.  In  addition,  will  provide  customer  SW  enhancements  &  use  program’g/analytical  skills 
in  order  to  provide  services  for  debugging.  Must  have  M.S.  in  Comp.  Eng'g.  Comp.  Sci.,  E.E.  or  equiv.  +  2  yrs.  exp.  in  job 
offered  or  2  yrs.  exp  w/Telecom  SW  developmt.  (exp.  may  be  gained  before  or  after  M.S.)  In  the  alternative,  employer  will 
accept  Bachelor’s  degree  +  5  yrs.  of  progressively  responsible  post-grad  SW  developmt.  exp.  includ'g  at  least  2.5  yrs.  exp. 
w/telecom  SW  developmt  Must  have  knowledge  in  at  least  one  of  the  following  telecom  protocols:  ISDN.  SS7  Call  pro¬ 
cessing,  or  TCP/IP  as  well  as  strong  coding  skills  in  C.  40  hrs/wk;  Salary:  $92,833/yr.  Send  2  copies  of  resume  to:  Case  # 
200201687,  Labor  Exchange  Office,  19  Staniford  St.,  1st  FI,  Boston  MA  02114. 

Sr.  SW  Engr.-  As  member  of  Technical  Srvcs.  SW  developmt  team,  ensure  integrity  of  design,  developmt.,  implementa'n  & 
testing  of  communications  SW  for  co.’s  cutting-edge  telecom  products.  Resolve  complex  problems  caused  by  anomalies  in 
telecom  SW  for  network  sub-systems.  Reproduce  problems  in  lab.  Isolate  SW  problems  in  affected  module(s).  Develop 
interim  solu'ns  to  problems.  Assess  ways  to  enhance  prod,  reliability  &  serviceability.  Recommend  process  improvements 
to  enhance  service  delivery/offerings.  Work  closely  w/sustain'g  engrs.  to  find  root  cause  analysis  of  reported  anomalies.  Must 
have  B.S.  in  Comp.  Sci. /Eng'g.  Electrical/Electronics  Eng'g  or  equiv.  +  5  yrs.  exp.  in  job  offered  or  5  yrs.  exp  w/  SW  devel¬ 
opmt.  for  Telecom  Industry  (5  yrs.  exp.  must  be  progressively  responsible  post-grad  exp.)  Must  have  in-depth  knowledge  of 
telecom  protocols  (i.e  PRI,  SS7,  ATM,  TCP/IP)  &  scripting  languages  (i.e.  TCL/Expect.UNIX  shell  programming  &  PERL  as 
well  as  C/C++)  Must  have  exp  diagnosing  &  solving  complex  problems  in  telecom/data  networks.  40  hrs/wk;  Salary: 
$92.833/yr.  Send  2  copies  of  resume  to:  Case  #200201688,  Labor  Exchange  Office.  19  Staniford  St  1st  FI.  Boston  MA  02114. 

Sr.  SW  Engr  -  As  a  member  of  SW  developmt.  team,  design  &  develop  Element/Network  Management  SW.  Will  determine 
SW  development  process  best  practices  includ'g  design  &  code  reviews.  Will  prepare  specs,  for  Element/Network 
Management  SW  Will  design  &  develop  Plexus  PlexView  Element  Manager  SW.  In  addition,  will  test  &  integrate  EM  SW 
w/  Plexus  9000  &  other  products  developed  by  the  co.  as  applicable.  Must  have  B.S.  in  Comp.  Sci./Eng'g, 
Electrical/Electronics  Eng'g  or  equiv.  +  3  yrs.  exp.  in  job  offered  or  3  yrs.  exp.  in  SW  developmt.  Must  have  developmt.  exp. 
w/element/network  management  SW  for  telecom  industry  Must  have  exp.  develop'g  SW  applications  using  Java  and/or 
C/C++  40  hrs/wk;  Sal:  $92,833/yr.  Send  2  copies  of  resume  to:  Case  #200201691,  Labor  Exchange  Office,  19  Staniford 
St  1st  FI,  Boston  MA  02114 

Sr  SW  Engr  - As  a  member  of  Tech.  Srvcs.  SW  developmt.  team,  ensure  integrity  of  design,  developmt.,  implementation  & 
testing  of  communications  SW  for  co.'s  cutting-edge  telecom  products.  Resolve  complex  problems  caused  by  anomalies  in 
telecom  SW  or  network  sub-systems  Reproduce  problems  in  lab.  Isolate  SW  problems  in  affected  module(s).  Develop 
interim  solu'ns  to  problems.  Assess  ways  to  enhance  product  reliability  &  serviceability.  Recommend  process  improvements 
to  enhance  srvc.  delivery/offerings.  Work  closely  w /  sustain'g  engrs.  to  find  root  cause  analysis  of  reported  anomalies.  Must 
have  B.S.  in  Comp  Sci./Engr’g,  Electronics  Eng'g  or  equiv  +  5  yrs.  exp.  in  job  offered  or  5  yrs.  exp.  w /  SW  developmt.  for 
Telecom  Industry  (5  yrs.  exp  must  be  progressively  responsible  post-grad  exp.)  Must  have  in-depth  knowledge  of  telecom 
protocols  (i.e.  ISDN,  PRI,  SS7.  TCP/IP)  &  scripting  languages  (i.e  TCL/Expect.UNIX  shell  programming  &  PERL  as  well  as 
C/C++)  Must  have  exp.  diagnos'g  &  solv'g  complex  problems  in  telecom/data  networks.  40  hrs/wk;  Salary:  $92,833/yr. 
Send  2  copies  of  resume  to:  Case  #200201704,  Labor  Exchange  Office.  19  Staniford  St  1st  FI.  Boston  MA  02114. 

Sr  SW  Engr  -  Develop,  integrate,  maintain  &  test  complex  communication  protocols  including,  but  not  limited  to:  Sigtran, 
SS7/CCS7  &  ISDN.  Participate  in  design  &  code  reviews  of  new  SW  &  modifica'ns  to  exist'g  SW.  Develop,  maintain  &  test 
telecom  applications  &  system  SW  responsible  for  configuring  &  controlling  the  system  internal  communication  between  SW 
entities,  fault  tolerant  &  redundant  operation  of  SW  Analyze  &  document  computerized  telecom  system  SW  reqs.,  function¬ 
al  specs  .  architectural  specs.  &  design  specs  Must  have  M.S.  in  Comp.  Sci./Eng'g,  Electrical/Electronics  or  equiv.,  +  2  yrs. 
exp.  in  job  offered  or  2  yrs.  exp.  w/telecom  SW  development.  (Exp.  may  be  gained  before  or  after  M.S.).  In  the  alternative, 
employer  will  accept  Bachelor’s  degree  +  5  yrs.  of  progressively  responsible  post-grad  SW  developmt.  exp.,  including  2  yrs. 
telecom  SW  developmt  exp  Must  have  proficiency  in  C  programming,  as  well  as  knowledge  of  telecom  protocols.  40  hrs/wk; 
Sal:  $92,833/yr.  Send  2  copies  of  resume  to:  Case  #200201706,  2002  Labor  Exchange  Office,  19  Staniford  St  1st  FI,  Boston 
MA  02114. 


Business  Analyst  for  NYC  IT  co  to 
research  &  analyze  mktg  &  fin'l 
condns  incl  accts  &  target  clients 
&  eval  alternatives  to  improve  & 
expand  scope  of  current  opera¬ 
tions  &  present  recommenda¬ 
tions,  Analyze  current  fin'l  strate¬ 
gies  &  present  alternative  meth¬ 
ods  of  improving  fin'l  condition. 
Analyze  svcs  &  operations  &  rec¬ 
ommend  alternative  procedures 
to  increase  efficiency.  Analyze 
industry  conditions,  rules  &  regs 
Utilize  d/base  &  spreadsheet 
s/ware  to  prep  reports  Dvlp  & 
integrate  new  mgmt  systems  & 
conduct  research.  Bach/equiv  in 
Bus  Admin  &  2  yrs  exp.  Will 
accept  3-yr  college  in  specified 
fields  &  2  Vi  yrs  in  job  offd  Systec 
Int'l.  Inc,  350  5th  Ave,  Ste  7812, 
NY.  NY  10018.  fax  (212)  290- 
2889.  systec@systecusa  com. 

IT  PROFESSIONAL 

www.maximaconsultinq.com  has 
immediate  openings  for  Software 
Engineers  and  Analyst/Program¬ 
mers  for  assignments  in  Boston/ 
North  East  with  the  following  skills: 

INTERNET  COMPUTING 

JAVA  Design  &  Architecture 

JAVA/SWING/EJB’s 

ACTUATE/eTOOLS 

ASP.NET 

QA  TESTERS 

PM/Business  Analysts 

CLIENT/SERVER 

UNIX/C++/PERL/SQL 

Oracle  Financials 

Oracle/Sybase  DBAs 

UNIX  Admin./NT  Admin. 
VC++/VB/COM/DCOM 

Data  Warehouse  Specialists 

Maxima  Consulting,  Inc. 

27  Water  Street 

Wakefield.  MA  01880-3038 

C  a  r^ers^maximaconsuUing.cpm 

(781)  246-9500 

Software  Engineer  II:  For  co. 
specializing  in  mktg  &  mnfg  of 
computer  software,  write/modi¬ 
fy  applications,  programs  & 
modules  from  design  specs; 
test,  maintain,  debug,  update  & 
help  establish  quality  assur¬ 
ance  plans.  Req:  BS  or  equiv, 
in  Comp  Sci,  Comp  &  Info  Sci 
or  related  field.  1  yr  exp  in  job 
offered  or  1  yr  exp  as  Pro¬ 
grammer.  Exp  must  incl  object- 
oriented  analysis  &  design  & 
RDBMS  design;  may  be  gained 
while  pursuing  degree.  Pro¬ 
ficiency  in  Visual  C++,  C++, 
Java,  JDBC,  MS  SQL  server, 
ORACLE,  JSP,  HTML  & 
DHTML.  40  hrs/wk.  Send  res. 
to  Computerworld.  Ref  #3540, 
500  Old  Connecticut  Path, 
Framingham,  MA  01701. 

COMPUTERS 

Radiant  Soft  Sol,  Inc.,  a  S/ware 
Consulting  Comp.,  seeks  to  fill 
the  following  Multiple  Openings 
in  Arlington  Heights,  IL  &  unan¬ 
ticipated  locations  in  the  US: 
Sr  Software  Consultants  (BS  + 
3  yrs  exp),  Business/Systems/ 
Programmer/QA  Analysts  (BS 
♦  2  yrs  exp),  Database 
Analysts  (BS  +  3  yrs  exp  ), 
Network  Analysts  (BS  +  2  yrs. 
exp  )  and  IT  Managers  (BS  +  3 
yrs  supervisory  exp)  Respond 
by  resume  to  HR.  855  E.  Golf 
Road.  #1125.  Arlington 
Heights.  IL  60005 

Programmers  to  analyze/devel¬ 
op  software  appls  using  Oracle 
Apps.  Oracle,  PL/SQL,  Dev 
2000,  etc  under  Windows/UNIX 
OS;  assist  in  customizing  and 
migrating  Oracle  App;  customize 
Forms/Reports  using  Oracle 
Application  standards;  docu¬ 
ment  development  process. 
Require:  BS  or  foreign  equiv.  in 
CS/Engg  (any  branch)  &  6 
months  of  exp.  In  lieu  of  BS. 
3yrs  of  academic  studies 
towards  a  Bachelor  s  degree 
plus  1  yr  of  exp  in  IT  will  be 
accepted  Travel  involved.  F/T 
position  Competitive  salary 
Resume  to:  HR.  Quest 

America. Inc.,  211  East  Ontano 
Street.  Suite  1800.  Chicago.  IL 
60611 

Application  Analysts  & 
Developers,  OH  &  VA.  Soft¬ 
ware  (Reynolds  DMS  & 
Automark  products)  apps 
design  &  development  using 
Visual  InterDev,  BTW  (Bran¬ 
ded  Flow  Technology)  VB, 
VC++,  Businessware,  SQL 
Server  2000  &  ASP/IIS  5.0. 
Req  BS  in  comp  sci,  engg, 
or  related  field  &  1-2  yr  exp 
in  programming,  develop¬ 
ing,  or  analysis.  Resumes 
to:  K.  Cramer,  Reynolds  & 
Reynolds,  POB  2608, 
Dayton  OH  45401. 
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: SEMINARS  EVENTS 


Network  World  Seminars 
and  Events  are  one  and  two- 
day.  intensive  seminars  in 
cities  nationwide  covering 
the  latest  networking  technologies.  All  ot  our  seminars  are 
also  available  for  customized  on-site  training.  For  complete 
and  immediate  information  on  our  current  seminar  offerings, 
call  a  seminar  representative  at  800-643-4668.  or  go  to 
www.nwfusion.com/seminars. 
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Management  Services  at  (717)  399-1900  x129 
or  E-mail:  mshobengreprintbuyer.com 
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■  Inssons  from  leading  users 


Starbucks 

continued  from  page  1 

in  Starbucks  stores. 

Starbucks’  wireless  conversion 
started  in  earnest  last  August 
when  it  launched  T-Mobile  Hot- 
Spot  802.11b  service  in  1,200 
stores.  That  announcement  was 
the  formal  coming  out  for  a  ser¬ 
vice  born  in  partnership  with 
MobiieStar  —  which  later  went 
bankrupt  —  and  was  taken  over 
by  T-Mobile,  Snook  says. 

“Were  a  network-centric  com¬ 
pany  he  says,  and  setting  up  VPN 
nodes  in  stores  was  an  attractive 
idea  made  all  the  more  interest¬ 
ing  with  the  addition  of  the 
shared  1 1 M  bit/sec  wireless  hot 
spots. “We’ve  issued  wireless  lap¬ 
tops  to  mobile  employees  such 
as  district  managers  and  HR  re¬ 
cruiters.  Now  they’re  spending  a 
majority  of  their  time  in  the 
stores  where  they  manage,  and 
they  can  do  a  lot  of  the  work 
they  formerly  had  to  do  at  a  field 
office,”  Snook  says. 

For  instance,  hiring  employees 
used  to  involve  lugging  around  a 
lot  of  paperwork,  but  that  has 
changed.“lnstead  of  going  to  the 
field  office,  picking  up  all  the 
folders  and  files  for  candidates, 
they  just  bring  a  laptop,”  he  says. 
Recruiters  then  connect  to  Star- 
bucks’  intranet  via  the  wireless 
laptop  and  work  from  corporate 


human-resources  servers  locat¬ 
ed  regionally  that  host  hiring- 
workflow  applications  and  data¬ 
bases  of  job  candidates,  Snook 
says. 

Similarly,  district  managers  can 
sit  down  with  store  managers, 
call  up  sales  statistics  and  com¬ 
pare  current  store  sales  with  his¬ 
torical  sales  at  the  same  site  or 
with  the  performance  of  other 
stores. 

Starbucks  also  has  a  salesforce 
that  sells  coffee  to  hotels  and 
restaurants  that  uses  the  hot 
spots  as  field  offices  where  they 
log  on  and  gather  messages, 
place  orders,  check  order  status 
and  look  up  pricing. 

The  hot-spot  T-l  connects  to 
the  Internet,  and  laptops  con¬ 
nect  to  the  T-l  via  wireless,  both 
of  which  introduce  the  opportu¬ 
nity  for  hackers  to  break  in,  so 
Starbucks  secures  communica¬ 
tions  using  IP  Security  VPN  tech¬ 
nology  Company-issued  laptops 
carry  VPN  software  that  AT&T 
supplies  as  part  of  its  managed 
VPN  service.  The  VPN  software 
creates  a  secure  connection 
between  laptops  and  AT&T’s  net¬ 
work,  protecting  the  wireless  and 
the  Internet  link  from  intruders. 

These  secure  VPN  connections 
also  are  used  for  managing  store 
systems,  distributing  software 
such  as  the  applications  running 
on  cash  register  terminals, 
access  to  Starbucks’  intranet  and 
training,  Snook  says. 

IP  voice  easily  could  be  car¬ 
ried  on  the  network  as  well,  he 
says.  The  company  has  been 


Well  connected 


■  HOW  IT  WORKS 


Most  North  American  Starbucks  stores 
feature  two  broadband  connections,  phone 
lines  to  support  business  networking  and 
T-Mobile  HotSpots  for  customers. 


An  access  point  provides  the 
public  with  Internet  connectivity 
and  employees  with  a  VPN  link  to 

Starbucks  corporate  resources. 

_ _  , _ _ _ / 


Starbucks  store 


A  DSL  line  is  used  to  create 
an  IPSecVPN  to  do  checks 
of  credit  cards  and  Starbucks 

prepaid  cards. 

_ V 

Starbucks  main  site 


Wireless  access  point 


C= 

Card  reader 


Internet 


JHJ  [its' 


PSTN 


Phone  lines  back  up  the  card 
verification  link  and  access  to 
corporate  resources. 


Starbucks  now  installs  hot  spots  at  a 
feverish  rate,  with  100  or  more  stores 
being  turned  up  in  a  good  week. 


considering  the  technology  for 
several  years  because  most 
phone  calls  from  stores  go  to 
other  company  sites,  he  says.This 
traffic  pattern  means  most 
phone  calls  go  to  the  same  sites 
already  networked  for  data.  “The 
potential  savings  is  huge.You  can 
trust  me  that  there  are  business 
models  and  business  cases 
behind  it,” Snook  says.'The  matu¬ 
rity  of  the  technology  has 
arrived.” 

He  says  the  company  might 
impose  quality  of  service  on  the 
T-l  to  give  voice  packets  guaran¬ 
teed  preference  over  other  pack¬ 
ets  and  maintain  voice  quality 
Or  Starbucks  might  run  IP  voice 
over  a  separate  DSL  network  that 
has  been  installed  to  handle 
transactions  done  with  prepaid 
Starbucks  Cards  and  credit  card 
verifications. 

These  DSL  links  average  192K 
bit/sec  and  were  installed  in 
2001. The  company  didn’t  want 
customers  to  wait  while  trans¬ 
actions  were  processed  via  dial¬ 
up  connections,  which  was  the 
way  the  stores  previously  han¬ 
dled  credit  card  transactions. 
So  it  rolled  out  DSL  to  3,300 
stores  over  a  period  of  six 
months  before  the  prepaid  card 
launch. 

The  T-Mobile  HotSpot  project  is 
a  huge  team  effort,  drawing  on 
the  IT  staff  for  technical  and 
logistical  planning, and  represen¬ 
tatives  of  virtually  every  business 
unit  to  suggest  what  corporate 
resources  employees  might  ac¬ 
cess  over  the  network,  Snook 
says.  The  planning  phase  of  the 
project  took  six  months,  he  says. 
Starbucks  now  installs  hot  spots 
at  a  feverish  rate,  with  100  or 
more  stores  being  turned  up  in  a 
good  week,  Snook  says. 

Most  stores  have  dual  broad¬ 
band  connections  —  DSL  and 
T-l,  which  gives  Snook  the 
opportunity  for  innovation.  He 
can  test  new  uses  such  as  voice 
or  video  on  one  network  with¬ 
out  disrupting  the  other,  he 
says.  And  if  it  becomes  feasible 
in  the  future,  the  two  networks 
could  be  converged. 

T-Mobile  HotSpot  is  proving 
popular  with  customers,  says 
Lovina  McMurchy,  director  of 
new  ventures  for  Starbucks 
Interactive,  although  she  will  not 
reveal  numbers.  She  says  cus¬ 


tomers  who  use  wireless  say  they 
plan  to  continue  using  it  for  at 
least  the  next  six  months.  “It’s 
very  stick}?’  she  adds. 

The  hot-spot  business  is  still  in 
its  early  phase,  but  so  far  those 
using  the  service  generally  make 
more  than  $100,000  per  year, 
work  for  high-tech  companies, or 
are  in  management  or  sales, 
McMurchy  says.  About  5%  of  the 
customers  use  PDAs,  85%  use 
laptops  and  10%  use  both, 
according  to  a  survey  of  cus¬ 
tomers. 

While  the  service  is  a  plus  for 
Starbucks  customers,  McMurchy 
says  the  hot  spots  will  become 
part  of  a  larger,  interconnected 
hot-spot  infrastructure  that  is  just 


Boeing 

continued  from  page  12 


being  built.  Rather  than  register 
at  Starbucks  hot  spots  and 
McDonald’s  hot  spots  and 
Borders  hot  spots  and  airport 
hot  spots,  customers  will  register 
with  one  hot-spot  service  and  be 
allowed  to  roam  all  of  them, sim¬ 
ilar  to  the  way  cell  phone  com¬ 
panies  provide  ubiquitous  ser¬ 
vice,  she  says. 

So  she  expects  that  eventually 
hot-spot  providers  will  merge 
and  reach  settlement  agree¬ 
ments  that  let  customers  roam  as 
they  can  with  their  cell  phones. 
And  hot-spot  service  will  be 
combined  with  General  Packet 
Radio  Service  access  so  cus¬ 
tomers  can  wirelessly  connect 
over  public  cell  networks  when 
there  is  not  a  hot  spot  nearby. 
McMurchy  says  customers  will 
want  to  tap  whatever  public  hot 
spot  they  can,  not  just  those  in  a 
Starbucks  store.  ■ 

Get  more  information  online. 
DocFinder:  6758 
www.nwfusion.com 


a  Boeing  access  server.  Independent  of  the  SAML  system,  Boeing  pro¬ 
vides  Southwest  a  Web  service  to  upload  its  users’  identities  to  the 
access  server. 

The  access  server  provides  a  Boeing  encrypted  cookie  that  is  passed 
back  to  the  user’s  browser  at  Southwest.  The  Southwest  employee  is 
then  redirected  to  the  URL  for  the  MyBoeingFleet  application  on  the 
Boeing  network.  The  user  is  authenticated  using  the  Boeing  SAML- 
enabled  cookie  and  given  access  to  the  MyBoeingFleet  Web  site 
behind  the  Boeing  firewall. 

Boeing’s  Beach  says  the  system  is  an  extension  of  a  Web  single  sign- 
on  project  that  went  into  production  internally  at  Boeing  in  December 
2001.  By  February  of  this  year,  the  system  was  handling  100,000  logons 
per  day  to  more  than  100  applications.  Integration  of  external  users 
from  Southwest  began  in  May  and  went  into  production  last  month. 
The  company  plans  to  add  role-based  access  controls  later  this  year 
and  expects  to  complete  integration  of  single  sign-on  with  more  than 
1,000  applications  by  the  end  of  2004. 

The  work  to  integrate  Southwest,  however,  was  not  without  massive 
customization  to  the  Oblix  NetPoint  application,  and  Boeing  contin¬ 
ues  to  address  lingering  issues. 

For  instance,  the  browser  cookies  are  not  secure  on  the  Web, 
and  Boeing  had  to  add  better  encryption  and  support  for  Secure 
Sockets  Layer. 

“We  want  the  industry  to  figure  out  how  to  make  cookies  secure," 
Beach  says.  Boeing  also  needed  to  fill  in  holes  in  the  SAML  specifi¬ 
cation,  including  establishing  a  global  log-out  mechanism  and  ses¬ 
sion  management.  Both  had  to  be  added  through  customizations. 
Boeing  also  had  to  create  customizations  to  close  vulnerabilities  pre¬ 
sented  by  the  bookmark  feature  in  the  browser  software.  And  it  had 
to  set  up  authentication  policies  within  Oblix  to  give  the  system  the 
ability  to  provide  specific  information  about  users. 

“It  was  hard,  and  it  was  expensive,  but  a  lot  of  that  was  our  fault," 
Beach  says. “We  took  on  the  world;  we  encompassed  legacy  systems 
and  did  third-party  integrations.” 

He  says  Boeing  also  has  discovered  that  it  is  difficult  to  manage  a 
large  number  of  access  policies  and  that  the  system  puts  a  heavy 
load  on  its  directory  services.  He  says  it  was  also  hard  to  manage 
expectations  of  end  users.  “But  the  good  news  is  that  it  works  and 
we’ve  got  some  subsidiaries  that  want  us  to  provide  them  the  same 
SAML-based  authentication  to  our  systems.  Our  executives  are  really 
excited  about  this  project,"  he  says.  ■ 
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Settling  on  64 

Still  far  from  being  mainstream,  Intel-based  64-bit 
computing  is  nevertheless  moving  into  corporate  data 
centers.  A  check  list  to  consider  if  you’re  thinking  about 
making  the  move: 

Why? 

Memories.  Memory  limitations  experienced  on  32-bit  platforms 
disappear  with  Intel  64-bit  systems. 

Oomph.  Processing  power  and  speed  get  a  significant  punch  when 
jumping  from  32  to  64  bits. 

Saving  spaces.  Applications  running  on  multiple  32-bit  machines 
can  be  consolidated  on  fewer  64-bit  servers. 

VIP  service.  Early  adopters  are  working  closely  with  vendors  to 
iron  out  their  unique  wrinkles. 


Cost.  The  new  64-bit  systems  are  more  costly  than  mainstream 
32-bit  systems. 

The  application  factor.  Independent  software  vendors  are 
slowly  signing  on  to  64-bit  so  the  application  selection  is  limited. 

Not  necessary.  Many  users  say  their  systems  are  running  just 
fine  on  32-bit  servers. 

The  extras.  Things  such  as  virus  software  aren't  available  yet 
for  64-bit  systems  so  that  might  limit  what  kind  of  work  can  be 
done  on  the  machines. 


64-bit 

continued  from  page  1 

healthcare  to  a  group  of  people,  if 
it’s  not  time-critical, if  it’s  not  trans¬ 
actional, then  we’re  more  focused 
on  running  those  things  on  64- 
bit,”  he  says.  “We’re  not  at  a  point 
yet,  though,  where  we’re  comfort¬ 
able  enough  to  put  those  [cus¬ 
tomer-facing]  databases  on  [a  64- 
bit]  machine.” 

Although  64-bit  RISC-based  sys¬ 
tems  have  been  widely  used  in  re¬ 
search  labs  and  academic  institu¬ 
tions  for  high-performance  com¬ 
puting,  the  newer  Intel-based  64- 
bit  machines  are  making  their 
way  into  corporate  data  centers 
supporting  data  warehouses, busi¬ 
ness  analytics,  and  even  file  and 
print  applications.  Still,  Intel’s  64- 
bit  chip,  Itanium,  is  now  found  in 
fewer  than  5%  of  all  servers 
shipped,  analysts  say 

Itanium’s  move  into  the  corpo¬ 
rate  mainstream  is  slow  because 
many  IT  managers  are  waiting 
for  greater  industry  support  of 
64-bit  computing.  It  hasn’t 
helped  that  Itanium’s  path  has 
been  a  tough  one.  The  first  and 


second  generations  of  Itanium 
failed  to  meet  expectations,  and 
vendors  —  and  users  —  are 
hoping  the  third  generation  of 
the  chip,  code-named  Madison 
and  officially  released  last  week, 
will  finally  meet  their  needs. 

Today,  the  number  of  enterprise 
applications  that  run  on  Itanium 
is  small  —  around  100,  while  64- 
bit  RISC  can  run  thousands. 
Itanium’s  arsenal  is  growing, 
though:  In  just  the  last  few 
months,  for  example,  Microsoft 
rolled  out  a  64-bit  version  of  its 
SQL  database,  and  independent 
software  vendors  such  as  SAP 
and  Lawson  have  announced 
that  they  will  support  Itanium  2 
with  their  applications. 

Systems  vendors  also  are  start¬ 
ing  to  grasp  the  idea  that  64-bit 
computing  can  play  a  role  in  cor¬ 
porate  networks.  They  are  rolling 


out  boxes  based  on  Intel’s  Itan¬ 
ium  processors  to  expand  their 
64-bit  repertoire  beyond  their  pro¬ 
prietary  —  and  typically  more 
expensive  —  RISC  architectures. 

Advanced  Micro  Devices’  new 
64-bit  chip, Opteron,  has  garnered 
some  attention  from  systems  ven¬ 
dors.  The  chip  is  based  on  Intel’s 
x86  instruction  set  with  64-bit 
extensions,  meaning  it  can  run 
32-  and  64-bit  applications  simul¬ 
taneously.  Itanium  runs  32-bit 
applications  with  some  degrada¬ 
tion,  but  Intel  executives  say  that 
concern  has  been  addressed  in 
the  latest  release.  IBM  is  the  only 
major  systems  vendor  to  an¬ 
nounce  support  for  Opteron,  and 
demonstrated  a  server  cluster 
based  on  it  at  the  ClusterWorld 
Conference  &  Expo  last  month. 

Dell  has  introduced  an  Itanium- 
based  server,  although  executives 
say  the  company’s  focus  is  on  the 
high-performance  computing 
community  until  64-bit  comput¬ 
ing  in  corporations  becomes 
mainstream. 

At  the  same  time,  early  corpo¬ 
rate  adopters  of  Itanium  say  there 
is  no  reason  to  wait.They  say  they 


already  are  reaping  benefits  from 
Itanium-based  servers  and  pre¬ 
dict  that  it  won’t  be  long  before 
64-bit  boxes  become  the  norm. 

“There  may  not  be  a  whole  lot  of 
applications  built  on  64-bit  today 
but  if  we  look  at  this  story  about 
36  months  from  now,  I  would 
guarantee  you  that  64-bit  will 
become  the  way  of  the  land,”  says 
Jeff  Cohen,  CIO  at  JetBlue  Airways 
in  Forest  Hills,  N.Y  “In  five  years 
you  probably  won’t  have  any  data¬ 
base  applications  running  on  32- 
bit,  because  64-bit  will  become  so 
highly  commoditized.” 

Cohen  says  he  has  had  no  prob¬ 
lems  since  he  began  beta-testing 
Microsoft’s  64-bit  SQL  Server  last 
fall.  JetBlue’s  frequent-flyer  appli¬ 
cation  has  been  running  on  the 
64-bit  SQL  database  on  an  HP 
rx5670  Itanium-based  server 
since  December.  “We  saw  major 


improvements,”  he  says. 

Not  only  was  he  able  to  consol¬ 
idate  the  frequent-flyer  applica¬ 
tion  from  two  servers  onto  one 
server,  but  he  also  found  that  the 
application  used  only  about  15% 
of  the  box’s  processing  power  at 
the  application’s  peak,  as  com¬ 
pared  with  consuming  more  than 
half  of  the  available  resources  on 
the  two  ProLiant  boxes  it  was  run¬ 
ning  on  previously  What’s  more, 
the  application  performed  better, 
he  says. 

Cohen  says  he  also  found  im¬ 
proved  performance  by  combin¬ 
ing  disparate  data  warehouses 
into  a  single  system  on  a  16-pro- 
cessor  Itanium  2  ES7000  from 
Unisys  running  Windows  2003 
Datacenter  Edition. 

“Performance  has  been  abso¬ 
lutely  improved.  Anybody  who 
tests  [64-bit  computing]  will  see 
there’s  no  discussion,”  he  says.“It’s 
the  difference  between  buying  a 
four-cylinder  and  an  eight-cylin¬ 
der  car’’ 

As  for  challenges  in  moving  to 
64-bit  computing,  Cohen  says 
there  have  been  “zippo.” 

“If  you’re  doing  it  in  the  SQL 
environment,  you  don’t  have  to 
rewrite  applications,”  he  says.“You 
just  basically  pour  data  into  the 
data  warehouse  from  32-  to  64-bit 
and  you’re  off  and  running.” 

It  wasn’t  just  a  matter  of  pouring 
data  from  32-  to  64-bit  systems  for 
Tim  Eitel,  CIO  at  Raymond  James 
Financial  in  St.  Petersburg,  Fla.The 
firm  is  using  a  16-processor  Itan¬ 
ium  2-based  HP  Superdome  to 
consolidate  databases  into  a  sin¬ 
gle  data  warehouse  that  uses 
Microsoft’s  64-bit  SQL  Server. That 
move  will  let  the  firm  run  busi¬ 
ness-intelligence  applications  us¬ 
ing  all  its  customer  data.  Eitel  says 
Raymond  James  has  worked 
closely  with  Microsoft  to  develop 
the  database  application  for  the 
64-bit  platform. 

“We  don’t  have  all  the  expertise, 
but  we’re  learning  as  we  go 
along,”  he  says.  “The  plan  is  we’ll 
be  able  to  build  the  other  phases 
ourselves.” 

Eitel  says  he  sees  the  industry 
heading  toward  64-bit  systems 
and  plans  to  migrate  other 
applications  over  as  they 
require  “major  changes  and 
modifications.” 

As  for  Fortis’  Jones,  he  says  that 
as  applications  such  as  disk  quo¬ 
tas  and  virus  software  become 
available  on  64-bit  machines,  he 
will  move  more  applications  onto 
64-bit  platforms.  He  says  Windows 
2003  Server  Datacenter  Edition 
will  likely  address  those  issues. 

In  the  meantime,  he  is  trying  out 
the  64-bit  processors  on  a  modu¬ 


lar  Unisys  ES7000,  where  he  can 
easily  remove  the  64-bit  proces¬ 
sors  and  replace  them  with  32-bit 
chips  if  things  head  downhill. 

“We  can  move  forward  and  get 
value  out  of  the  technology  for 
the  business  without  either  jump¬ 
ing  in  with  both  feet  or  having  to 
stand  back  and  wait  for  every¬ 
body  else  to  do  it,”  he  says. 

Jones  is  using  the  eight  Itanium 
processors  in  the  ES7000  box  to 
run  business-intelligence  applica¬ 
tions,  and  he  plans  to  bring  file 
and  print  systems  over,  at  least,  in 
the  near  term. 

“If  you  are  doing  very  large 
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databases,  if  you  are  doing  in- 
depth  data  analysis,  anything 
that  requires  gobs  of  memory 
—  then  go  with  64-bit.  And  I 
would  say  in  another  six 
months  that  doing  file  and  print 
on  64-bit  is  going  to  be  so  easy 
and  so  economically  viable, 
one  should  probably  look  at 
that,”  he  says.“But  1  wouldn’t  be 
worried  about  whether  1  was 
going  to  rewrite  my  core  busi¬ 
ness  applications  for  64-bit  at 
this  point."  ■ 
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1 1  Performance  has  been  absolutely 
improved.  Anybody  who  tests  [64- 
bit  computing]  will  see  there's  no 
discussion.  It's  the  difference 
between  buying  a  four-cylinder 
and  an  eight-cylinder  car.  9  9 

Jeff  Cohen 

CIO,  JetBlue  Airways 
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Past  the  event  horizon 


Doctrine  defines  the  event  horizon, 
conceptually  that  location  in  time  and 
space  where  a  force  interacts  with  the 
enemy's  will. ...  It  is  the  task  of  doc¬ 
trine  to  extend  the  event  horizon  as 
far  away  as  possible  from  the  com¬ 
mander.  An  extended  event  horizon 
gives  the  commander  more  time  to 
plan  and  execute;  it  protects  his  decision-making 
cycle,  while  chipping  away  at  the  enemy's. 

—  “Defining  The  Event  Horizon:  The  Marine 
Corps  And  The  Dialectic  Of  Maneuver  Warfare  And 
Airland  Battle"  (see  www.nwfusion.com,  Doc- 
Finder  6762) 

If  you  believe  the  press,  the  battle  between  the 
public  and  the  media  and  entertainment  industries 
over  illegal  content  sharing  is  still  underway  The 
reported  conflict  centers  on  the  continuing  saga  of 
the  Recording  Industry  Association  of  America,  the 
Motion  Picture  Association  of  America  and  various 
demented  senators  (see  DocFinder:  6763)  trying  to 
implement  legislation  and  Gestapo-style  tactics  to 
bring  the  bad  boys  to  justice. 

But  that  is  completely  wrong.  These  brave  de¬ 
fenders  of  content  apparently  think  that  the  event 
horizon  is  yet  to  arrive,  as  if  there  were  a  battle  to  be 
joined  that  would  determine  the  outcome. 

What  the  axis  of  entertainment  has  missed  is  that 
the  event  horizon  is  so  far  in  the  past  that  the  war  was 


lost  months  if  not  years  ago. To  not  admit  that  is  to  be 
in  denial. Todays  battles  with  the  “pirates”  are  merely 
shadowboxing  while  the  winner,  the  great  unwashed 
public,  is  walking  away  with  the  victor’s  belt. 

The  reason  for  what  is  effectively  a  complete 
defeat  is  that  sometime  in  the  1990s  we  became  a 
society  based  on  digital  data.  It  was  a  tricky,  subtle 
transformation  because  the  dividing  line  between 
the  Post-Industrial  Era  and  the  Digital  Era  wasn’t 
predicated  on  a  single  technology  or  product  and 
the  changes  were  cumulative  and  irreversible. 

The  result  of  being  bit-based  was  the  explosion  of 
digital  devices  that  make  today’s  copyright  battle¬ 
field  unmanageable  for  media  owners.  And  it  is  no 
longer  just  a  problem  for  the  music  industry 

For  example,  at  screenings  of  many  recent  films, 
including  Disney’s  latest  cartoon,  “Finding  Nemo,” 
guards  have  used  metal  detectors  and  night-vision 
goggles  to  find  audience  members  filming  the 
movies.  But,  no  surprise,  these  tactics  didn’t  work. 
Both  “Finding  Nemo”  and  “The  Matrix  Reloaded” 
were  on  the  ’Net  as  downloadable  videos  before 
general  release. 

And  how  about  the  latest  J.K.  Rowling  book,  Harry 
Potter  and  the  Order  of  the  Phoenix ?  Within  hours  of 
its  release  pirates  had  scanned  and  converted  the 
book  into  text  and  turned  it  loose  on  the  Kazaa  file¬ 
sharing  network. 

The  conclusions  that  you  can  draw  from  these 
events  are:  1)  anything  that  can  be  made  digital  will 
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be;  2)  sharing  of  digital  content  cannot  be  stopped; 
and  3)  no  source  of  content  is  exempt. 

For  the  corporate  world  the  implications  are  pro¬ 
found  because  senior  management  currently 
expects  that  privileged  information  and  data  can  be 
kept  secret.  They  are  wrong. 

Anything  digital  is  one  step  from  being  turned 
loose.  Usually  all  it  takes  is  one  keystroke  to  do  the 
damage  and  then  copies  of  “interesting”  data  take  on 
a  life  of  their  own. 

And  it  is  getting  harder  to  keep  information  private 
because  the  jump  from  paper  to  digital  data  is  smaller 
than  it  has  ever  been. With  a  $50  scanner  and  the  opti¬ 
cal  character-recognition  software  built  into  Windows 
XP  anyone  can  convert  from  paper  to  bits  without 
breaking  a  sweat. 

You  prevent  this  by  putting  in  place  a  closed,  high- 
security,  military-style  network  that  isn’t  connected 
to  anything  else  and  where  you  can  frisk  the  staff  as 
they  enter  and  exit  the  secured  area  in  which  the 
network  lives.  Great  in  theory,  lousy  in  practice 
unless  you  happen  to  be  in  the  armed  forces,  the  CIA 
or  the  National  Security  Agency. 

The  world  has  changed  because  we  crossed  the 
battle’s  event  horizon  without  knowing  it.  Life,  par¬ 
ticularly  business  life,  will  never  be  the  same.  Now 
we  just  have  to  wait  for  the  media  and  corporate 
senior  management  to  get  it. 

Secrets  and  lies  to  backspin@gibbs.com. 
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By  Paul  McNamara 

Jesse  and  James  swear  by  it 

Quiz  time:  What  do  former  Minnesota 
Gov.  Jesse  Ventura  and  political  pit  bull 

James  Carville  have  in  common? 

Big  mouths  and  not  much  hair,  you  say?  . .  .That’s  a  swell  guess,  but  not  the 
answer  we're  looking  for  here. 

Both  men  are  featured  onTV  and  radio  commercials  assuring  us  that  Infone 
is  the  greatest  addition  to  telephone  utility  since  the  answering  machine  made 
call  screening  possible. 

Of  course,  any  paid  pitchman  worth  his  0  rating  would  sing  the  praises  of  busy 
signals  if  that's  what  the  client  happened  to  be  selling,  but  let’s  not  get  picky. 

What  I  find  interesting  about  the  ubiquitous  Infone  commercials  is  what  they 
say  about  the  economy:The  return  of  good  times  must  be  so  close  we  can 
practically  taste  champagne  bubbles  in  the  air  if  an  idea  this  frothy  has  enough 
lift  to  warrant  a  big-time  ad  campaign. 

So  what’s  Infone  all  about?  In  an  otherwise  cloying  FAQ  section  on  its  Web 
site,  the  company  playfully  bills  itself  as  "All  that  is  good  and  wholesome  about 
the  telephone  business." 

But  then  it  has  to  actually  describe  what  it  is  selling. 

"In  addition  to  plain  old  directory  assistance,  we  provide  all  sorts  of  personal 
assistant,  and  concierge  services.  Just  imagine:  If  you  forget  where  your  next 
meeting  is,  we’ll  tell  you  the  location  and  the  meeting  time;  if  you  call  for  a 
restaurant,  we  can  book  a  reservation  for  you;  if  you’re  lost,  we’ll  give  you  dri- 
w  ig  directions;  if  you  want  to  know  what’s  playing  at  the  movies,  a  friendly 
operator  will  tell  you." 

In  other  words,  if  you’re  disorganized,  disoriented  and  downright  lazy,  Infone  has 


operators  standing  by  to  right  your  ship  . . .  and  also  liberate  you  from  your  cash 
at  a  rate  of  89  cents  a  minute  for  the  first  15  and  a  nickel  a  minute  thereafter. 

Infone  is  the  brainchild  of  Metro  One  Telecommunications,  which  has  handled 
directory  assistance  for  cell  phone  companies  for  more  than  a  decade.The 
people  at  Metro  One  are  no  doubt  earnest  men  and  women  who  sincerely  see 
this  service  as  a  natural  extension  of  their  business:  a  convenience  offering  for 
the  too-busy  well-to-do;  just  right  for  the  times  . . .  presuming  we  are  about  to 
turn  the  corner  into  economic  recovery. 

I  just  find  it  hard  to  believe  that  a  lot  of  people  will  pay  almost  a  buck  a 
minute  for  a  phone  call  that  doesn’t  involve  heavy  breathing. 

Another  reason  to  distrust  online  polls 

Last  week  I  mentioned  that  my  faith  in  online  opinion  polls  has  always  been 
undercut  chiefly  by  the  knowledge  that  such  surveys  are  inherently  unreliable. 
Respondents  choose  for  themselves  whether  to  participate,  which  means  there  is 
no  accounting  for  the  inevitable  biases  that  spur  or  deter  replies. 

Another  reason  these  polls  should  be  discounted  is  endemic  to  surveys  of  all 
kinds:  Human  nature  dictates  that  some  unknown  number  of  people  will  respond 
in  a  way  that  makes  them  look  or  feel  good,  as  opposed  to  telling  the  truth. 

For  example,  take  this  question  featured  recently  on  the  CNN  Web  site:  "Have 
you  ever  criticized  your  boss  in  e-mail  to  co-workers?” 

Out  of  the  75,000  or  so  who  volunteered  replies,  26%  admitted  they  have  used 
e-mail  to  rank  on  those  who  outrank  them. 

As  for  the  other  74%?  Sure  there's  a  saint  or  two  in  every  crowd,  but  the 
majority  had  better  not  run  around  claiming  their  mothers  raised  no  liars. 

The  columnist  promises  to  read  your  e-mail  for  a  lot  less  than  89  cents  a  minute. 
Try  buzz@nww.com. 


An  increasingly  mobile  workforce 
opens  your  network  up  to  a  host  of  threats, 
both  accidental  and  intentional. 


The  only  place  to  securely  meet  the  challenges  that  a  mobile 
workforce  brings  to  a  network  is  at  the  point  where  people  connect. 
The  HP  ProCurve  Adaptive  EDGE  Architecture  affordably  puts 
intelligence  and  control  at  the  edge  of  the  network,  giving  you  the 
power  to  easily  adapt  to  future  needs  as  new  wired  and  wireless 
mobility  solutions  are  implemented. 

With  industry-standard  switches  like  the  HP  ProCurve  5300x1  series, 
you  can  cost-effectively  deploy  user  and  security  applications  at  the 
point  of  connection.  It  immediately  recognizes  the  user  and  the  types 
of  services  and  access  they  are  permitted  to  have,  preventing 
unauthorized  traffic  and  potential  threats. 

Free  Network  Design  To  schedule  a  free  network  design  and  to 
learn  how  HP  ProCurve's  affordable  solutions  can  help  you  meet 
current  and  future  needs  for  mobility,  security  and  convergence, 
call  1-800-975-7683  or  visit  hp.com/go/procurve. 


hp  procurve 
5372x1 
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We've  been  listening  to  what  you,  our  customers,  have  to  say  about  the  way  the  software  industry 
does  business.  And  frankly,  some  of  it  couldn't  be  repeated  in  print.  You've  been  frustrated 
by  long-term  agreements.  You've  been  disenchanted  by  the  lack  of  options  when  it  comes  to 
software  licensing.  And,  most  of  all,  you've  been  annoyed  that  no  one's  been  listening  to  any 
of  your  complaints. 

Well,  we  want  you  to  know  that  we  hear  you,  and  we've  been  doing  everything  we  can  to  change 
the  way  we  do  business  with  you.  Recently,  we've  revolutionized  the  industry  by  being  the  first 
to  introduce  flexible  licensing  contracts.  With  FlexSelect  Licensing5",  you  can  now  get  software 
on  your  terms,  not  ours.  We  offer  short-term  or  long-term  licensing  agreements,  so  you  can 
choose  your  commitment  based  on  your  needs.  Of  course,  if  you  prefer  more  traditional  long¬ 
term  licensing,  it's  still  available.  And  we  offer  payment  plans  that  fit  the  way  you  work,  not 
the  other  way  around. 


Flexible  software  licensing  is  about  choice. 

It's  about  control. 

It's  about  time. 


We've  heard  back  from  many  of  our  customers  and  they're  thrilled  with  the  changes.  From  global 
Fortune  500®  companies  to  smaller  organizations,  the  response  has  been  overwhelmingly 
positive.  Some  of  the  comments  we've  received  include  "flexible  licensing  is  a  tremendous  tool," 
"a  huge  win  for  CA  customers"  and  "clearly  demonstrates  that  CA  is  an  extremely  innovative, 
flexible  and  customer-focused  company." 

But  the  changes  don't  stop  with  flexible  licensing.  That's  just  one  part  of  our  renewed  focus 
on  you,  our  customers.  We've  also  increased  our  responsiveness  to  your  needs.  And  we've  even 
increased  our  focus  on  internal  research  and  development,  furthering  our  commitment  to 
creating  the  most  innovative  business  software  solutions  in  the  market. 

Innovations  in  licensing,  increased  customer  responsiveness  and  product  development  are  just 
a  few  more  ways  we're  staying  well  ahead  of  the  rest  of  the  pack  in  the  software  industry.  Contact 
us  at  ca.com/flexselect  today  to  find  out  more.  We  think  you'll  be  pleased  with  what  you  see. 
If  not,  let  us  know.  And  we'll  do  something  about  it. 


FlexSelect  Licensing*’ 


Computer  Associates® 


©2003  Computer  Associates  International,  Inc.  (CA)  All  trademarks,  trade  names,  service  marks,  and  logos  referenced  herein  belong  to 

their  respective  companies. 


